bx-mac 1.5.1 → 1.6.1

package/README.md

@@ -166,7 +166,6 @@ App definitions in TOML format. Each `[<name>]` section becomes a CLI mode — u
 [cursor]
 bundle = "com.todesktop.230313mzl4w4u92"
 binary = "Contents/MacOS/Cursor"
-args = ["--no-sandbox"]
 
 # Add Zed (explicit path, no discovery)
 [zed]
@@ -177,6 +176,8 @@ path = "/Applications/Zed.app/Contents/MacOS/zed"
 path = "/usr/local/bin/code"
 ```
 
+**Electron apps:** bx automatically detects Electron-based apps (by checking for `Electron Framework.framework` inside the `.app` bundle) and adds `--no-sandbox` to disable Chromium's internal sandbox, which conflicts with `sandbox-exec`. No manual `args = ["--no-sandbox"]` needed.
+
 | Field | Description |
 | --- | --- |
 | `mode` | Inherit from another app (e.g. `"code"`, `"cursor"`) — only `paths` / overrides needed |
@@ -361,7 +362,8 @@ bx detects and prevents problematic scenarios:
 - **🔄 Sandbox nesting:** If `CODEBOX_SANDBOX=1` is set (auto-propagated), bx refuses to start — nested sandboxes cause silent failures.
 - **🔍 Unknown sandbox:** On startup, bx probes `~/Documents`, `~/Desktop`, `~/Downloads`. If any return `EPERM`, another sandbox is active — bx aborts.
 - **⚠️ VSCode terminal:** If `VSCODE_PID` is set, bx warns that it will launch a *new* instance, not sandbox the current one.
-- **🧩 App already sandboxed:** For GUI app modes, bx inspects app entitlements (best effort) and warns if Apple App Sandbox is enabled, since nested sandboxing can cause startup/access issues.
+- **🧩 App already sandboxed:** For GUI app modes, bx inspects app entitlements (best effort) and warns if Apple App Sandbox is enabled, since bx's `sandbox-exec` wrapper may not apply correctly when the app is already sandboxed by macOS.
+- **⚡ Electron auto-detection:** bx detects Electron-based apps (by checking for `Electron Framework.framework` in the `.app` bundle) and automatically adds `--no-sandbox` to disable Chromium's internal sandbox, which conflicts with `sandbox-exec`. This works for VSCode, Cursor, Windsurf, and any other Electron app.
 - **🔁 App already running:** If the target app is already running, bx warns that the new workspace would open in the existing (unsandboxed) instance and asks for confirmation. This is important because Electron apps like VSCode, Cursor, etc. always reuse the running process — `sandbox-exec` has no effect on the already-running instance.
 
 ### Single-instance apps
@@ -394,6 +396,22 @@ ls ~/work/other-project/         # ❌ Operation not permitted
 cat ./src/index.ts               # ✅ Works!
 ```
 
+**Drag and drop from `~/Downloads` (or other blocked dirs)** — if dragging files from Finder into a sandboxed app fails silently, the source folder is blocked. Grant read-only access by adding it to `~/.bxignore`:
+
+```gitignore
+ro:Downloads
+```
+
+The app can then read (and copy) the dragged file, but not modify the original. Same trick works for `ro:Desktop`, `ro:Documents`, etc.
+
+**`npm install` fails with auth or registry errors** — `.npmrc` is blocked by default (may contain tokens). If your install needs the registry config but not write access, expose it read-only:
+
+```gitignore
+ro:.npmrc
+```
+
+Same pattern applies to other tools whose config dotfiles are on the protected list (`.pypirc`, ...).
+
 ## ⚠️ Known limitations
 
 - **⚠️ Sandbox profile is static:** The sandbox rules are generated **once at launch** by scanning the current state of `$HOME`. Directories or files created **after** the sandbox starts are **not protected** — for example, if a tool creates `~/new-project/` while the sandbox is running, that directory will be fully accessible. Similarly, project-level `.bxignore` patterns only match files that exist at launch time; files matching a blocked pattern (e.g. `.env`) that are created later will **not** be denied. Re-run `bx` to pick up changes.

package/dist/bx.js

@@ -1483,6 +1483,11 @@ function executableFromBundle(bundlePath, app) {
 	if (app.binary) return join(bundlePath, app.binary);
 	return join(bundlePath, "Contents", "MacOS", basename(bundlePath, ".app"));
 }
+function isElectronApp(resolvedPath) {
+	const bundle = appBundleFromPath(resolvedPath);
+	if (!bundle) return false;
+	return existsSync(join(bundle, "Contents", "Frameworks", "Electron Framework.framework"));
+}
 const SANDBOX_KEY = "com.apple.security.app-sandbox";
 function hasAppSandboxEntitlement(entitlements) {
 	if (new RegExp(`<key>\\s*${SANDBOX_KEY.replace(/\./g, "\\.")}\\s*</key>\\s*<true\\s*/>`, "i").test(entitlements)) return true;
@@ -1565,6 +1570,7 @@ function buildAppCommand(mode, workDirs, home, profileSandbox, appArgs, apps) {
 		args.push("--extensions-dir", join(dataDir, "extensions"));
 	}
 	if (app.args) args.push(...app.args);
+	if (!args.includes("--no-sandbox") && isElectronApp(resolvedPath)) args.push("--no-sandbox");
 	if (appArgs.length > 0) args.push(...appArgs);
 	args.push(...getPassPaths(app, workDirs, home));
 	return {
@@ -1609,7 +1615,7 @@ function getNestedSandboxWarning(mode, apps) {
 				"pipe",
 				"pipe"
 			]
-		}))) return `⚠️  "${mode}" has Apple App Sandbox enabled — nested sandboxing may cause issues`;
+		}))) return `"${mode}" has Apple App Sandbox enabled — bx sandbox may not apply correctly`;
 	} catch {}
 	return null;
 }
@@ -1773,7 +1779,7 @@ function printDryRunTree({ home, blockedDirs, ignoredPaths, readOnlyDirs, workDi
 }
 //#endregion
 //#region src/index.ts
-const VERSION = "1.5.1";
+const VERSION = "1.6.1";
 const __dirname = dirname(fileURLToPath(import.meta.url));
 if (process$1.argv.includes("--version") || process$1.argv.includes("-v")) {
 	console.log(`bx ${VERSION}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bx-mac",
-  "version": "1.5.1",
+  "version": "1.6.1",
   "description": "Sandbox any macOS app — only your project directory stays accessible",
   "type": "module",
   "bin": {