npm - @vybestack/llxprt-code - Versions diffs - 0.7.0 → 0.8.0-nightly.251231.feb9158c8 - Mend

@vybestack/llxprt-code 0.7.0 → 0.8.0-nightly.251231.feb9158c8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/dist/src/config/sandboxConfig.js CHANGED Viewed

@@ -7,14 +7,158 @@ import { FatalSandboxError } from '@vybestack/llxprt-code-core';
 import commandExists from 'command-exists';
 import * as os from 'node:os';
 import { getPackageJson } from '../utils/package.js';
+import { resolvePath } from '../utils/resolvePath.js';
+import { ensureDefaultSandboxProfiles, loadSandboxProfile, } from './sandboxProfiles.js';
 const VALID_SANDBOX_COMMANDS = [
     'docker',
     'podman',
     'sandbox-exec',
 ];
+const VALID_ENGINE_CHOICES = [
+    'auto',
+    'docker',
+    'podman',
+    'sandbox-exec',
+    'none',
+];
+const VALID_NETWORK_CHOICES = ['on', 'off', 'proxied'];
+const VALID_SSH_AGENT_CHOICES = ['auto', 'on', 'off'];
 function isSandboxCommand(value) {
     return VALID_SANDBOX_COMMANDS.includes(value);
 }
+function isEngineChoice(value) {
+    return VALID_ENGINE_CHOICES.includes(value);
+}
+function normalizeEngineInput(value) {
+    if (!value) {
+        return undefined;
+    }
+    const trimmed = value.trim().toLowerCase();
+    if (trimmed.length === 0) {
+        return undefined;
+    }
+    if (!isEngineChoice(trimmed)) {
+        throw new FatalSandboxError(`Invalid sandbox engine '${value}'. Must be one of ${VALID_ENGINE_CHOICES.join(', ')}`);
+    }
+    return trimmed;
+}
+function parseMemoryLimit(memory) {
+    const trimmed = memory.trim();
+    if (trimmed.length === 0) {
+        throw new FatalSandboxError('Sandbox memory value cannot be empty');
+    }
+    const match = trimmed.match(/^(\d+)([kKmMgG])?$/);
+    if (!match) {
+        throw new FatalSandboxError(`Invalid sandbox memory value '${memory}'. Expected values like 512m or 2g.`);
+    }
+    const value = Number(match[1]);
+    if (!Number.isFinite(value) || value <= 0) {
+        throw new FatalSandboxError(`Sandbox memory value must be positive, got '${memory}'.`);
+    }
+    const unit = match[2]?.toLowerCase() ?? 'm';
+    return `${value}${unit}`;
+}
+function parseCpuLimit(value) {
+    const cpuValue = typeof value === 'string' ? Number(value) : value;
+    if (!Number.isFinite(cpuValue) || cpuValue <= 0) {
+        throw new FatalSandboxError(`Sandbox CPU value must be greater than zero, got '${value}'.`);
+    }
+    return cpuValue;
+}
+function parsePidsLimit(value) {
+    const pidsValue = typeof value === 'string' ? Number(value) : value;
+    if (!Number.isFinite(pidsValue) || pidsValue <= 0) {
+        throw new FatalSandboxError(`Sandbox pids value must be greater than zero, got '${value}'.`);
+    }
+    if (!Number.isInteger(pidsValue)) {
+        throw new FatalSandboxError(`Sandbox pids value must be an integer, got '${value}'.`);
+    }
+    return pidsValue;
+}
+function resolveMountPath(input) {
+    const resolved = resolvePath(input);
+    if (!resolved) {
+        throw new FatalSandboxError(`Mount path cannot be empty.`);
+    }
+    return resolved;
+}
+function normalizeEnvEntries(env) {
+    if (!env) {
+        return undefined;
+    }
+    const entries = {};
+    for (const [key, value] of Object.entries(env)) {
+        if (typeof value !== 'string') {
+            throw new FatalSandboxError(`Sandbox env value for '${key}' must be a string.`);
+        }
+        const trimmedValue = value.trim();
+        if (trimmedValue.startsWith('~') ||
+            trimmedValue.toLowerCase().startsWith('%userprofile%')) {
+            entries[key] = resolvePath(trimmedValue);
+        }
+        else {
+            entries[key] = value;
+        }
+    }
+    return entries;
+}
+function normalizeMounts(mounts) {
+    if (!mounts) {
+        return undefined;
+    }
+    return mounts.map((mount) => {
+        if (!mount.from || mount.from.trim().length === 0) {
+            throw new FatalSandboxError('Sandbox mount requires a "from" path.');
+        }
+        const from = resolveMountPath(mount.from);
+        const to = mount.to ? resolveMountPath(mount.to) : undefined;
+        const mode = mount.mode ?? 'ro';
+        if (mode !== 'ro' && mode !== 'rw') {
+            throw new FatalSandboxError(`Sandbox mount mode must be 'ro' or 'rw', got '${mode}'.`);
+        }
+        return { from, to, mode };
+    });
+}
+function normalizeSandboxProfile(profile) {
+    const normalized = { ...profile };
+    if (profile.engine) {
+        const engine = normalizeEngineInput(profile.engine);
+        normalized.engine = engine;
+    }
+    if (profile.network) {
+        const normalizedNetwork = profile.network.trim().toLowerCase();
+        if (!VALID_NETWORK_CHOICES.includes(normalizedNetwork)) {
+            throw new FatalSandboxError(`Invalid sandbox network '${profile.network}'. Must be one of ${VALID_NETWORK_CHOICES.join(', ')}`);
+        }
+        normalized.network =
+            normalizedNetwork;
+    }
+    if (profile.sshAgent) {
+        const normalizedSsh = profile.sshAgent.trim().toLowerCase();
+        if (!VALID_SSH_AGENT_CHOICES.includes(normalizedSsh)) {
+            throw new FatalSandboxError(`Invalid sandbox sshAgent '${profile.sshAgent}'. Must be one of ${VALID_SSH_AGENT_CHOICES.join(', ')}`);
+        }
+        normalized.sshAgent =
+            normalizedSsh;
+    }
+    if (profile.resources) {
+        normalized.resources = {
+            ...profile.resources,
+            cpus: profile.resources.cpus !== undefined
+                ? parseCpuLimit(profile.resources.cpus)
+                : undefined,
+            memory: profile.resources.memory !== undefined
+                ? parseMemoryLimit(profile.resources.memory)
+                : undefined,
+            pids: profile.resources.pids !== undefined
+                ? parsePidsLimit(profile.resources.pids)
+                : undefined,
+        };
+    }
+    normalized.mounts = normalizeMounts(profile.mounts);
+    normalized.env = normalizeEnvEntries(profile.env);
+    return normalized;
+}
 function getSandboxCommand(sandbox) {
     // If the SANDBOX env var is set, we're already inside the sandbox.
     if (process.env.SANDBOX) {
@@ -43,9 +187,10 @@ function getSandboxCommand(sandbox) {
         }
         throw new FatalSandboxError(`Missing sandbox command '${sandbox}' (from LLXPRT_SANDBOX)`);
     }
-    // look for seatbelt, docker, or podman, in that order
-    // for container-based sandboxing, require sandbox to be enabled explicitly
-    if (os.platform() === 'darwin' && commandExists.sync('sandbox-exec')) {
+    // All sandbox types require explicit opt-in (sandbox === true)
+    if (sandbox === true &&
+        os.platform() === 'darwin' &&
+        commandExists.sync('sandbox-exec')) {
         return 'sandbox-exec';
     }
     else if (commandExists.sync('docker') && sandbox === true) {
@@ -61,13 +206,168 @@ function getSandboxCommand(sandbox) {
     }
     return '';
 }
+function resolveSandboxEngine(engine, baseCommand) {
+    if (engine === 'none') {
+        return '';
+    }
+    const pickFallback = () => {
+        if (commandExists.sync('docker')) {
+            return 'docker';
+        }
+        if (commandExists.sync('podman')) {
+            return 'podman';
+        }
+        if (os.platform() === 'darwin' && commandExists.sync('sandbox-exec')) {
+            return 'sandbox-exec';
+        }
+        return '';
+    };
+    if (engine && engine !== 'auto') {
+        if (engine === 'sandbox-exec') {
+            if (os.platform() === 'darwin' && commandExists.sync('sandbox-exec')) {
+                return 'sandbox-exec';
+            }
+            return pickFallback();
+        }
+        if (engine === 'docker' || engine === 'podman') {
+            if (commandExists.sync(engine)) {
+                return engine;
+            }
+            return pickFallback();
+        }
+    }
+    if (baseCommand) {
+        return baseCommand;
+    }
+    // Don't auto-enable sandbox - require explicit opt-in
+    return '';
+}
+function applyProfileEnvironment(profile) {
+    const env = {};
+    if (profile.env) {
+        for (const [key, value] of Object.entries(profile.env)) {
+            env[key] = value;
+        }
+    }
+    if (profile.network) {
+        env.LLXPRT_SANDBOX_NETWORK = profile.network;
+    }
+    if (profile.sshAgent) {
+        env.LLXPRT_SANDBOX_SSH_AGENT = profile.sshAgent;
+    }
+    if (profile.resources?.cpus !== undefined) {
+        env.LLXPRT_SANDBOX_CPUS = String(profile.resources.cpus);
+    }
+    if (profile.resources?.memory !== undefined) {
+        env.LLXPRT_SANDBOX_MEMORY = profile.resources.memory;
+    }
+    if (profile.resources?.pids !== undefined) {
+        env.LLXPRT_SANDBOX_PIDS = String(profile.resources.pids);
+    }
+    if (profile.mounts && profile.mounts.length > 0) {
+        const mountsValue = profile.mounts
+            .map((mount) => {
+            const target = mount.to ?? mount.from;
+            const mode = mount.mode ?? 'ro';
+            return `${mount.from}:${target}:${mode}`;
+        })
+            .join(',');
+        env.SANDBOX_MOUNTS = mountsValue;
+        env.LLXPRT_SANDBOX_MOUNTS = mountsValue;
+    }
+    return env;
+}
+function applySandboxProfileEnv(profile) {
+    if (!profile) {
+        return;
+    }
+    const env = applyProfileEnvironment(profile);
+    for (const [key, value] of Object.entries(env)) {
+        process.env[key] = value;
+    }
+    // Preserve backward-compatible env vars used by the sandbox launcher while
+    // ensuring the profile's explicit choices win over ambient env.
+    if (profile.network) {
+        process.env.SANDBOX_NETWORK = profile.network;
+    }
+    if (profile.sshAgent) {
+        process.env.SANDBOX_SSH_AGENT = profile.sshAgent;
+    }
+    if (profile.resources?.cpus !== undefined) {
+        process.env.SANDBOX_CPUS = String(profile.resources.cpus);
+    }
+    if (profile.resources?.memory !== undefined) {
+        process.env.SANDBOX_MEMORY = profile.resources.memory;
+    }
+    if (profile.resources?.pids !== undefined) {
+        process.env.SANDBOX_PIDS = String(profile.resources.pids);
+    }
+}
+function resolveSandboxImage(packageImage, profile, argvImage) {
+    return (argvImage ??
+        profile?.image ??
+        process.env.LLXPRT_SANDBOX_IMAGE ??
+        packageImage);
+}
+function resolveSandboxProfileName(value) {
+    if (!value) {
+        return undefined;
+    }
+    const trimmed = value.trim();
+    return trimmed.length > 0 ? trimmed : undefined;
+}
+function normalizeProfileName(profileName) {
+    return profileName.replace(/\.json$/i, '');
+}
 export async function loadSandboxConfig(settings, argv) {
-    const sandboxOption = argv.sandbox ?? settings.sandbox;
-    const command = getSandboxCommand(sandboxOption);
+    const cliEngine = normalizeEngineInput(argv.sandboxEngine);
+    if (cliEngine === 'none') {
+        return undefined;
+    }
     const packageJson = await getPackageJson();
-    const image = argv.sandboxImage ??
-        process.env.LLXPRT_SANDBOX_IMAGE ??
-        packageJson?.config?.sandboxImageUri;
-    return command && image ? { command, image } : undefined;
+    const packageImage = packageJson?.config?.sandboxImageUri;
+    let sandboxProfile;
+    const profileName = resolveSandboxProfileName(argv.sandboxProfileLoad);
+    if (profileName) {
+        await ensureDefaultSandboxProfiles(packageImage);
+        try {
+            sandboxProfile = normalizeSandboxProfile(await loadSandboxProfile(normalizeProfileName(profileName)));
+        }
+        catch (error) {
+            throw new FatalSandboxError(`Failed to load sandbox profile '${profileName}': ${error instanceof Error ? error.message : String(error)}`);
+        }
+    }
+    const sandboxOption = argv.sandbox ?? settings.sandbox;
+    let baseCommand = '';
+    try {
+        baseCommand = getSandboxCommand(sandboxOption);
+    }
+    catch (error) {
+        // If the user is driving sandbox selection via --sandbox-engine or a profile engine,
+        // allow sandboxOption parsing to fail without aborting.
+        if (!cliEngine && !sandboxProfile?.engine) {
+            throw error;
+        }
+    }
+    // Loading a sandbox profile implies sandboxing intent, even if --sandbox isn't set.
+    if (!baseCommand && sandboxProfile) {
+        baseCommand = commandExists.sync('docker')
+            ? 'docker'
+            : commandExists.sync('podman')
+                ? 'podman'
+                : os.platform() === 'darwin' && commandExists.sync('sandbox-exec')
+                    ? 'sandbox-exec'
+                    : '';
+    }
+    const command = resolveSandboxEngine(cliEngine ?? sandboxProfile?.engine, baseCommand);
+    if (!command) {
+        return undefined;
+    }
+    const image = resolveSandboxImage(packageImage, sandboxProfile, argv.sandboxImage);
+    if (!image) {
+        return undefined;
+    }
+    applySandboxProfileEnv(sandboxProfile);
+    return { command, image };
 }
 //# sourceMappingURL=sandboxConfig.js.map

package/dist/src/config/sandboxConfig.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"sandboxConfig.js","sourceRoot":"","sources":["../../../src/config/sandboxConfig.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,aAAa,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAUrD,MAAM,sBAAsB,GAA4C;IACtE,QAAQ;IACR,QAAQ;IACR,cAAc;CACf,CAAC;AAEF,SAAS,gBAAgB,CAAC,KAAa;IACrC,OAAQ,sBAA4C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,iBAAiB,CACxB,OAA0B;IAE1B,mEAAmE;IACnE,IAAI,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,2FAA2F;IAC3F,MAAM,4BAA4B,GAChC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;IACzD,OAAO;QACL,4BAA4B,EAAE,MAAM,GAAG,CAAC;YACtC,CAAC,CAAC,4BAA4B;YAC9B,CAAC,CAAC,OAAO,CAAC;IACd,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,MAAM;QAAE,OAAO,GAAG,IAAI,CAAC;SACrD,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,OAAO,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,KAAK,CAAC;IAE7E,IAAI,OAAO,KAAK,KAAK,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;QAC3C,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,iBAAiB,CACzB,4BAA4B,OAAO,qBAAqB,sBAAsB,CAAC,IAAI,CACjF,IAAI,CACL,EAAE,CACJ,CAAC;QACJ,CAAC;QACD,wCAAwC;QACxC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,OAAO,OAAO,CAAC;QACjB,CAAC;QACD,MAAM,IAAI,iBAAiB,CACzB,4BAA4B,OAAO,yBAAyB,CAC7D,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,2EAA2E;IAC3E,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;QACrE,OAAO,cAAc,CAAC;IACxB,CAAC;SAAM,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QAC5D,OAAO,QAAQ,CAAC;IAClB,CAAC;SAAM,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QAC5D,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,oEAAoE;IACpE,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,IAAI,iBAAiB,CACzB,sEAAsE;YACpE,+DAA+D,CAClE,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAkB,EAClB,IAAoB;IAEpB,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC;IACvD,MAAM,OAAO,GAAG,iBAAiB,CAAC,aAAa,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE,CAAC;IAC3C,MAAM,KAAK,GACT,IAAI,CAAC,YAAY;QACjB,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAChC,WAAW,EAAE,MAAM,EAAE,eAAe,CAAC;IAEvC,OAAO,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AAC3D,CAAC"}
1	+ {"version":3,"file":"sandboxConfig.js","sourceRoot":"","sources":["../../../src/config/sandboxConfig.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAChE,OAAO,aAAa,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EACL,4BAA4B,EAC5B,kBAAkB,GAInB,MAAM,sBAAsB,CAAC;AAW9B,MAAM,sBAAsB,GAA4C;IACtE,QAAQ;IACR,QAAQ;IACR,cAAc;CACf,CAAC;AAEF,MAAM,oBAAoB,GAAoC;IAC5D,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,cAAc;IACd,MAAM;CACP,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,SAAS,CAAU,CAAC;AAChE,MAAM,uBAAuB,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAU,CAAC;AAE/D,SAAS,gBAAgB,CAAC,KAAa;IACrC,OAAQ,sBAA4C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,cAAc,CAAC,KAAa;IACnC,OAAQ,oBAA0C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,oBAAoB,CAC3B,KAAyB;IAEzB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,iBAAiB,CACzB,2BAA2B,KAAK,qBAAqB,oBAAoB,CAAC,IAAI,CAC5E,IAAI,CACL,EAAE,CACJ,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAc;IACtC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAC9B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,iBAAiB,CAAC,sCAAsC,CAAC,CAAC;IACtE,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAClD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,iBAAiB,CACzB,iCAAiC,MAAM,qCAAqC,CAC7E,CAAC;IACJ,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,iBAAiB,CACzB,+CAA+C,MAAM,IAAI,CAC1D,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,GAAG,CAAC;IAC5C,OAAO,GAAG,KAAK,GAAG,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,aAAa,CAAC,KAAsB;IAC3C,MAAM,QAAQ,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACnE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,iBAAiB,CACzB,qDAAqD,KAAK,IAAI,CAC/D,CAAC;IACJ,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,cAAc,CAAC,KAAsB;IAC5C,MAAM,SAAS,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACpE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QAClD,MAAM,IAAI,iBAAiB,CACzB,sDAAsD,KAAK,IAAI,CAChE,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,iBAAiB,CACzB,+CAA+C,KAAK,IAAI,CACzD,CAAC;IACJ,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,iBAAiB,CAAC,6BAA6B,CAAC,CAAC;IAC7D,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAC1B,GAAuC;IAEvC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,iBAAiB,CACzB,0BAA0B,GAAG,qBAAqB,CACnD,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAClC,IACE,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC;YAC5B,YAAY,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EACtD,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACvB,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,eAAe,CACtB,MAAyC;IAEzC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QAC1B,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,iBAAiB,CAAC,uCAAuC,CAAC,CAAC;QACvE,CAAC;QACD,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC7D,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC;QAChC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,iBAAiB,CACzB,iDAAiD,IAAI,IAAI,CAC1D,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAuB;IACtD,MAAM,UAAU,GAAmB,EAAE,GAAG,OAAO,EAAE,CAAC;IAElD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACpD,UAAU,CAAC,MAAM,GAAG,MAAM,CAAC;IAC7B,CAAC;IAED,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,iBAAiB,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC/D,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,iBAA0B,CAAC,EAAE,CAAC;YAChE,MAAM,IAAI,iBAAiB,CACzB,4BAA4B,OAAO,CAAC,OAAO,qBAAqB,qBAAqB,CAAC,IAAI,CACxF,IAAI,CACL,EAAE,CACJ,CAAC;QACJ,CAAC;QACD,UAAU,CAAC,OAAO;YAChB,iBAA2D,CAAC;IAChE,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC5D,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC,aAAsB,CAAC,EAAE,CAAC;YAC9D,MAAM,IAAI,iBAAiB,CACzB,6BAA6B,OAAO,CAAC,QAAQ,qBAAqB,uBAAuB,CAAC,IAAI,CAC5F,IAAI,CACL,EAAE,CACJ,CAAC;QACJ,CAAC;QACD,UAAU,CAAC,QAAQ;YACjB,aAAyD,CAAC;IAC9D,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,UAAU,CAAC,SAAS,GAAG;YACrB,GAAG,OAAO,CAAC,SAAS;YACpB,IAAI,EACF,OAAO,CAAC,SAAS,CAAC,IAAI,KAAK,SAAS;gBAClC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC;gBACvC,CAAC,CAAC,SAAS;YACf,MAAM,EACJ,OAAO,CAAC,SAAS,CAAC,MAAM,KAAK,SAAS;gBACpC,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC;gBAC5C,CAAC,CAAC,SAAS;YACf,IAAI,EACF,OAAO,CAAC,SAAS,CAAC,IAAI,KAAK,SAAS;gBAClC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC;gBACxC,CAAC,CAAC,SAAS;SAChB,CAAC;IACJ,CAAC;IAED,UAAU,CAAC,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACpD,UAAU,CAAC,GAAG,GAAG,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAElD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,iBAAiB,CACxB,OAA0B;IAE1B,mEAAmE;IACnE,IAAI,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,2FAA2F;IAC3F,MAAM,4BAA4B,GAChC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;IACzD,OAAO;QACL,4BAA4B,EAAE,MAAM,GAAG,CAAC;YACtC,CAAC,CAAC,4BAA4B;YAC9B,CAAC,CAAC,OAAO,CAAC;IACd,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,MAAM;QAAE,OAAO,GAAG,IAAI,CAAC;SACrD,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,OAAO,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,KAAK,CAAC;IAE7E,IAAI,OAAO,KAAK,KAAK,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;QAC3C,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,iBAAiB,CACzB,4BAA4B,OAAO,qBAAqB,sBAAsB,CAAC,IAAI,CACjF,IAAI,CACL,EAAE,CACJ,CAAC;QACJ,CAAC;QACD,wCAAwC;QACxC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,OAAO,OAAO,CAAC;QACjB,CAAC;QACD,MAAM,IAAI,iBAAiB,CACzB,4BAA4B,OAAO,yBAAyB,CAC7D,CAAC;IACJ,CAAC;IAED,+DAA+D;IAC/D,IACE,OAAO,KAAK,IAAI;QAChB,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ;QAC1B,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,EAClC,CAAC;QACD,OAAO,cAAc,CAAC;IACxB,CAAC;SAAM,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QAC5D,OAAO,QAAQ,CAAC;IAClB,CAAC;SAAM,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QAC5D,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,oEAAoE;IACpE,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,MAAM,IAAI,iBAAiB,CACzB,sEAAsE;YACpE,+DAA+D,CAClE,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,oBAAoB,CAC3B,MAAwC,EACxC,WAA0C;IAE1C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,YAAY,GAAG,GAAkC,EAAE;QACvD,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YACrE,OAAO,cAAc,CAAC;QACxB,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,IAAI,MAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAChC,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;YAC9B,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;gBACrE,OAAO,cAAc,CAAC;YACxB,CAAC;YACD,OAAO,YAAY,EAAE,CAAC;QACxB,CAAC;QACD,IAAI,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/C,IAAI,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC/B,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,YAAY,EAAE,CAAC;QACxB,CAAC;IACH,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,sDAAsD;IACtD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,uBAAuB,CAC9B,OAAuB;IAEvB,MAAM,GAAG,GAA2B,EAAE,CAAC;IAEvC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACnB,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,GAAG,CAAC,sBAAsB,GAAG,OAAO,CAAC,OAAO,CAAC;IAC/C,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,GAAG,CAAC,wBAAwB,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1C,GAAG,CAAC,mBAAmB,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAC5C,GAAG,CAAC,qBAAqB,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC;IACvD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1C,GAAG,CAAC,mBAAmB,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM;aAC/B,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YACb,MAAM,MAAM,GAAG,KAAK,CAAC,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC;YAChC,OAAO,GAAG,KAAK,CAAC,IAAI,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QAC3C,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAC;QACb,GAAG,CAAC,cAAc,GAAG,WAAW,CAAC;QACjC,GAAG,CAAC,qBAAqB,GAAG,WAAW,CAAC;IAC1C,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,sBAAsB,CAAC,OAAmC;IACjE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;IACT,CAAC;IACD,MAAM,GAAG,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;IAC7C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IAC3B,CAAC;IAED,2EAA2E;IAC3E,gEAAgE;IAChE,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC;IAChD,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,OAAO,CAAC,QAAQ,CAAC;IACnD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,KAAK,SAAS,EAAE,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5D,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAC1B,YAAgC,EAChC,OAAmC,EACnC,SAAkB;IAElB,OAAO,CACL,SAAS;QACT,OAAO,EAAE,KAAK;QACd,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAChC,YAAY,CACb,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAc;IAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;AAClD,CAAC;AAED,SAAS,oBAAoB,CAAC,WAAmB;IAC/C,OAAO,WAAW,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAkB,EAClB,IAAoB;IAEpB,MAAM,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC3D,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE,CAAC;IAC3C,MAAM,YAAY,GAAG,WAAW,EAAE,MAAM,EAAE,eAAe,CAAC;IAE1D,IAAI,cAA0C,CAAC;IAC/C,MAAM,WAAW,GAAG,yBAAyB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACvE,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,4BAA4B,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,CAAC;YACH,cAAc,GAAG,uBAAuB,CACtC,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC,CAC5D,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,iBAAiB,CACzB,mCAAmC,WAAW,MAAM,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAC7G,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC;IACvD,IAAI,WAAW,GAAkC,EAAE,CAAC;IACpD,IAAI,CAAC;QACH,WAAW,GAAG,iBAAiB,CAAC,aAAa,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qFAAqF;QACrF,wDAAwD;QACxD,IAAI,CAAC,SAAS,IAAI,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;YAC1C,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,oFAAoF;IACpF,IAAI,CAAC,WAAW,IAAI,cAAc,EAAE,CAAC;QACnC,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;YACxC,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAC5B,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,IAAI,CAAC,cAAc,CAAC;oBAChE,CAAC,CAAC,cAAc;oBAChB,CAAC,CAAC,EAAE,CAAC;IACb,CAAC;IAED,MAAM,OAAO,GAAG,oBAAoB,CAClC,SAAS,IAAI,cAAc,EAAE,MAAM,EACnC,WAAW,CACZ,CAAC;IAEF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,KAAK,GAAG,mBAAmB,CAC/B,YAAY,EACZ,cAAc,EACd,IAAI,CAAC,YAAY,CAClB,CAAC;IAEF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,sBAAsB,CAAC,cAAc,CAAC,CAAC;IAEvC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC"}

package/dist/src/config/sandboxProfiles.d.ts ADDED Viewed

@@ -0,0 +1,32 @@
+/**
+ * @license
+ * Copyright 2025 Vybestack LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+export type SandboxProfileEngine = 'auto' | 'docker' | 'podman' | 'sandbox-exec' | 'none';
+export type SandboxProfileNetwork = 'on' | 'off' | 'proxied';
+export type SandboxProfileSshAgent = 'auto' | 'on' | 'off';
+export interface SandboxProfileResources {
+    cpus?: number;
+    memory?: string;
+    pids?: number;
+}
+export interface SandboxProfileMount {
+    from: string;
+    to?: string;
+    mode?: 'ro' | 'rw';
+}
+export interface SandboxProfile {
+    engine?: SandboxProfileEngine;
+    image?: string;
+    resources?: SandboxProfileResources;
+    network?: SandboxProfileNetwork;
+    sshAgent?: SandboxProfileSshAgent;
+    mounts?: SandboxProfileMount[];
+    env?: Record<string, string>;
+}
+export declare const SANDBOX_PROFILES_DIR_NAME = "sandboxes";
+export declare function getSandboxProfilesDir(): string;
+export declare function getDefaultSandboxProfiles(image: string | undefined): Record<string, SandboxProfile>;
+export declare function ensureDefaultSandboxProfiles(image: string | undefined): Promise<void>;
+export declare function loadSandboxProfile(profileName: string): Promise<SandboxProfile>;

package/dist/src/config/sandboxProfiles.js ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * @license
+ * Copyright 2025 Vybestack LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { Storage } from '@vybestack/llxprt-code-core';
+export const SANDBOX_PROFILES_DIR_NAME = 'sandboxes';
+export function getSandboxProfilesDir() {
+    return path.join(Storage.getGlobalLlxprtDir(), SANDBOX_PROFILES_DIR_NAME);
+}
+export function getDefaultSandboxProfiles(image) {
+    // Only include image field if a valid image is provided
+    const imageField = image ? { image } : {};
+    return {
+        dev: {
+            engine: 'auto',
+            ...imageField,
+            resources: { cpus: 2, memory: '4g', pids: 256 },
+            network: 'on',
+            sshAgent: 'auto',
+            mounts: [],
+            env: {},
+        },
+        safe: {
+            engine: 'auto',
+            ...imageField,
+            resources: { cpus: 2, memory: '4g', pids: 128 },
+            network: 'off',
+            sshAgent: 'off',
+            mounts: [],
+            env: {},
+        },
+        tight: {
+            engine: 'auto',
+            ...imageField,
+            resources: { cpus: 1, memory: '2g', pids: 64 },
+            network: 'off',
+            sshAgent: 'off',
+            mounts: [],
+            env: {},
+        },
+        offline: {
+            engine: 'auto',
+            ...imageField,
+            resources: { cpus: 2, memory: '4g', pids: 128 },
+            network: 'off',
+            sshAgent: 'off',
+            mounts: [],
+            env: {},
+        },
+    };
+}
+export async function ensureDefaultSandboxProfiles(image) {
+    const profilesDir = getSandboxProfilesDir();
+    await fs.mkdir(profilesDir, { recursive: true, mode: 0o755 });
+    const defaults = getDefaultSandboxProfiles(image);
+    await Promise.all(Object.entries(defaults).map(async ([name, profile]) => {
+        const profilePath = path.join(profilesDir, `${name}.json`);
+        const payload = JSON.stringify(profile, null, 2);
+        try {
+            await fs.writeFile(profilePath, `${payload}\n`, {
+                mode: 0o644,
+                flag: 'wx',
+            });
+        }
+        catch (error) {
+            if (error.code !== 'EEXIST') {
+                throw error;
+            }
+        }
+    }));
+}
+export async function loadSandboxProfile(profileName) {
+    const profilesDir = getSandboxProfilesDir();
+    const profilePath = path.join(profilesDir, `${profileName}.json`);
+    const raw = await fs.readFile(profilePath, 'utf8');
+    return JSON.parse(raw);
+}
+//# sourceMappingURL=sandboxProfiles.js.map

package/dist/src/config/sandboxProfiles.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sandboxProfiles.js","sourceRoot":"","sources":["../../../src/config/sandboxProfiles.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,6BAA6B,CAAC;AAmCtD,MAAM,CAAC,MAAM,yBAAyB,GAAG,WAAW,CAAC;AAErD,MAAM,UAAU,qBAAqB;IACnC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,yBAAyB,CAAC,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,KAAyB;IAEzB,wDAAwD;IACxD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1C,OAAO;QACL,GAAG,EAAE;YACH,MAAM,EAAE,MAAM;YACd,GAAG,UAAU;YACb,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YAC/C,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,EAAE;YACV,GAAG,EAAE,EAAE;SACR;QACD,IAAI,EAAE;YACJ,MAAM,EAAE,MAAM;YACd,GAAG,UAAU;YACb,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YAC/C,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,EAAE;YACV,GAAG,EAAE,EAAE;SACR;QACD,KAAK,EAAE;YACL,MAAM,EAAE,MAAM;YACd,GAAG,UAAU;YACb,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE;YAC9C,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,EAAE;YACV,GAAG,EAAE,EAAE;SACR;QACD,OAAO,EAAE;YACP,MAAM,EAAE,MAAM;YACd,GAAG,UAAU;YACb,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;YAC/C,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,EAAE;YACV,GAAG,EAAE,EAAE;SACR;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,KAAyB;IAEzB,MAAM,WAAW,GAAG,qBAAqB,EAAE,CAAC;IAC5C,MAAM,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,yBAAyB,CAAC,KAAK,CAAC,CAAC;IAElD,MAAM,OAAO,CAAC,GAAG,CACf,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE;QACrD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,IAAI,OAAO,CAAC,CAAC;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAEjD,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,OAAO,IAAI,EAAE;gBAC9C,IAAI,EAAE,KAAK;gBACX,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,WAAmB;IAEnB,MAAM,WAAW,GAAG,qBAAqB,EAAE,CAAC;IAC5C,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,WAAW,OAAO,CAAC,CAAC;IAClE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACnD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAmB,CAAC;AAC3C,CAAC"}

package/dist/src/config/settings.js CHANGED Viewed

@@ -10,6 +10,7 @@ import * as dotenv from 'dotenv';
 import process from 'node:process';
 import { LLXPRT_CONFIG_DIR as LLXPRT_DIR, FatalConfigError, getErrorMessage, Storage, } from '@vybestack/llxprt-code-core';
 import stripJsonComments from 'strip-json-comments';
+import * as commentJson from 'comment-json';
 import { DefaultLight } from '../ui/themes/default-light.js';
 import { DefaultDark } from '../ui/themes/default.js';
 import { isWorkspaceTrusted, isFolderTrustEnabled } from './trustedFolders.js';
@@ -563,6 +564,40 @@ export function loadSettings(workspaceDir = process.cwd()) {
         settings: workspaceSettings,
     }, isTrusted);
 }
+function deepMergeWithComments(target, source) {
+    if (typeof target !== 'object' ||
+        target === null ||
+        typeof source !== 'object' ||
+        source === null) {
+        return source;
+    }
+    if (Array.isArray(source)) {
+        return source;
+    }
+    const result = target;
+    const sourceObj = source;
+    // Add or update keys from source
+    Object.keys(sourceObj).forEach((key) => {
+        if (typeof result[key] === 'object' &&
+            result[key] !== null &&
+            !Array.isArray(result[key]) &&
+            typeof sourceObj[key] === 'object' &&
+            sourceObj[key] !== null &&
+            !Array.isArray(sourceObj[key])) {
+            result[key] = deepMergeWithComments(result[key], sourceObj[key]);
+        }
+        else {
+            result[key] = sourceObj[key];
+        }
+    });
+    // Remove keys that are not in source
+    Object.keys(result).forEach((key) => {
+        if (!(key in sourceObj)) {
+            delete result[key];
+        }
+    });
+    return result;
+}
 export function saveSettings(settingsFile) {
     try {
         // Ensure the directory exists
@@ -570,7 +605,27 @@ export function saveSettings(settingsFile) {
         if (!fs.existsSync(dirPath)) {
             fs.mkdirSync(dirPath, { recursive: true });
         }
-        fs.writeFileSync(settingsFile.path, JSON.stringify(settingsFile.settings, null, 2), 'utf-8');
+        // Read the original file to preserve comments
+        let outputContent;
+        if (fs.existsSync(settingsFile.path)) {
+            const originalContent = fs.readFileSync(settingsFile.path, 'utf-8');
+            try {
+                // Parse with comments preserved
+                const parsedWithComments = commentJson.parse(originalContent);
+                // Deep merge to preserve comments at all levels
+                const merged = deepMergeWithComments(parsedWithComments, settingsFile.settings);
+                outputContent = commentJson.stringify(merged, null, 2);
+            }
+            catch {
+                // If parsing with comments fails, fall back to regular JSON
+                outputContent = JSON.stringify(settingsFile.settings, null, 2);
+            }
+        }
+        else {
+            // New file, no comments to preserve
+            outputContent = JSON.stringify(settingsFile.settings, null, 2);
+        }
+        fs.writeFileSync(settingsFile.path, outputContent, 'utf-8');
     }
     catch (error) {
         console.error('Error saving user settings file:', error);