isol8 0.11.2 → 0.12.0-alpha.0

package/dist/index.js

@@ -1,4 +1,20 @@
+import { createRequire } from "node:module";
+var __create = Object.create;
+var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __toESM = (mod, isNodeMode, target) => {
+  target = mod != null ? __create(__getProtoOf(mod)) : {};
+  const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
+  for (let key of __getOwnPropNames(mod))
+    if (!__hasOwnProp.call(to, key))
+      __defProp(to, key, {
+        get: () => mod[key],
+        enumerable: true
+      });
+  return to;
+};
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
@@ -9,6 +25,7 @@ var __export = (target, all) => {
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 // src/runtime/adapter.ts
 var adapters, extensionMap, RuntimeRegistry;
@@ -546,9 +563,191 @@ class Semaphore {
   }
 }
 
+// src/engine/default-seccomp-profile.ts
+var EMBEDDED_DEFAULT_SECCOMP_PROFILE;
+var init_default_seccomp_profile = __esm(() => {
+  EMBEDDED_DEFAULT_SECCOMP_PROFILE = JSON.stringify({
+    defaultAction: "SCMP_ACT_ALLOW",
+    architectures: ["SCMP_ARCH_X86_64", "SCMP_ARCH_X86", "SCMP_ARCH_X32", "SCMP_ARCH_AARCH64"],
+    syscalls: [
+      {
+        names: [
+          "acct",
+          "add_key",
+          "bpf",
+          "clock_adjtime",
+          "clock_settime",
+          "create_module",
+          "delete_module",
+          "finit_module",
+          "get_mempolicy",
+          "init_module",
+          "ioperm",
+          "iopl",
+          "kcmp",
+          "kexec_file_load",
+          "kexec_load",
+          "keyctl",
+          "lookup_dcookie",
+          "mbind",
+          "mount",
+          "move_pages",
+          "name_to_handle_at",
+          "open_by_handle_at",
+          "perf_event_open",
+          "pivot_root",
+          "process_vm_readv",
+          "process_vm_writev",
+          "ptrace",
+          "query_module",
+          "quotactl",
+          "reboot",
+          "request_key",
+          "set_mempolicy",
+          "setns",
+          "settimeofday",
+          "stime",
+          "swapon",
+          "swapoff",
+          "sysfs",
+          "syslog",
+          "umount",
+          "umount2",
+          "unshare",
+          "uselib",
+          "userfaultfd",
+          "ustat",
+          "vm86",
+          "vm86old"
+        ],
+        action: "SCMP_ACT_ERRNO",
+        args: [],
+        comment: "",
+        includes: {},
+        excludes: {}
+      }
+    ]
+  });
+});
+
+// src/engine/utils.ts
+var exports_utils = {};
+__export(exports_utils, {
+  validatePackageName: () => validatePackageName,
+  truncateOutput: () => truncateOutput,
+  parseMemoryLimit: () => parseMemoryLimit,
+  maskSecrets: () => maskSecrets,
+  extractFromTar: () => extractFromTar,
+  createTarBuffer: () => createTarBuffer
+});
+function parseMemoryLimit(limit) {
+  const match = limit.match(/^(\d+(?:\.\d+)?)\s*([kmgt]?)b?$/i);
+  if (!match) {
+    throw new Error(`Invalid memory limit format: "${limit}". Use e.g. "512m", "1g".`);
+  }
+  const value = Number.parseFloat(match[1]);
+  const unit = (match[2] || "b").toLowerCase();
+  const multipliers = {
+    b: 1,
+    k: 1024,
+    m: 1024 ** 2,
+    g: 1024 ** 3,
+    t: 1024 ** 4
+  };
+  return Math.floor(value * (multipliers[unit] ?? 1));
+}
+function truncateOutput(output, maxBytes) {
+  const encoder = new TextEncoder;
+  const bytes = encoder.encode(output);
+  if (bytes.length <= maxBytes) {
+    return { text: output, truncated: false };
+  }
+  const decoder = new TextDecoder("utf-8", { fatal: false });
+  const truncated = decoder.decode(bytes.slice(0, maxBytes));
+  return {
+    text: `${truncated}
+
+--- OUTPUT TRUNCATED (${bytes.length} bytes, limit: ${maxBytes}) ---`,
+    truncated: true
+  };
+}
+function maskSecrets(text, secrets) {
+  let result = text;
+  for (const value of Object.values(secrets)) {
+    if (value.length > 0) {
+      result = result.replaceAll(value, "***");
+    }
+  }
+  return result;
+}
+function createTarBuffer(filePath, content) {
+  const data = typeof content === "string" ? Buffer.from(content, "utf-8") : content;
+  const headerSize = 512;
+  const dataBlocks = Math.ceil(data.length / 512);
+  const totalSize = headerSize + dataBlocks * 512 + 1024;
+  const buf = Buffer.alloc(totalSize);
+  buf.write(filePath.replace(/^\//, ""), 0, 100, "utf-8");
+  buf.write("0000644\x00", 100, 8, "utf-8");
+  buf.write("0000000\x00", 108, 8, "utf-8");
+  buf.write("0000000\x00", 116, 8, "utf-8");
+  buf.write(`${data.length.toString(8).padStart(11, "0")}\x00`, 124, 12, "utf-8");
+  buf.write(`${Math.floor(Date.now() / 1000).toString(8).padStart(11, "0")}\x00`, 136, 12, "utf-8");
+  buf.write("0", 156, 1, "utf-8");
+  buf.write("ustar\x00", 257, 6, "utf-8");
+  buf.write("00", 263, 2, "utf-8");
+  buf.write("        ", 148, 8, "utf-8");
+  let checksum = 0;
+  for (let i = 0;i < headerSize; i++) {
+    checksum += buf[i];
+  }
+  buf.write(`${checksum.toString(8).padStart(6, "0")}\x00 `, 148, 8, "utf-8");
+  data.copy(buf, headerSize);
+  return buf;
+}
+function extractFromTar(tarBuffer, targetPath) {
+  const normalizedTarget = targetPath.replace(/^\//, "");
+  const basename = targetPath.split("/").pop() ?? targetPath;
+  let offset = 0;
+  while (offset < tarBuffer.length - 512) {
+    const nameEnd = tarBuffer.indexOf(0, offset);
+    const name = tarBuffer.subarray(offset, Math.min(nameEnd, offset + 100)).toString("utf-8");
+    if (name.length === 0) {
+      break;
+    }
+    const sizeStr = tarBuffer.subarray(offset + 124, offset + 136).toString("utf-8").trim();
+    const size = Number.parseInt(sizeStr, 8);
+    if (Number.isNaN(size)) {
+      break;
+    }
+    const dataStart = offset + 512;
+    const dataBlocks = Math.ceil(size / 512);
+    if (name === normalizedTarget || name.endsWith(`/${normalizedTarget}`) || name === basename) {
+      return Buffer.from(tarBuffer.subarray(dataStart, dataStart + size));
+    }
+    offset = dataStart + dataBlocks * 512;
+  }
+  throw new Error(`File "${targetPath}" not found in tar archive`);
+}
+function validatePackageName(name) {
+  if (!/^[@a-zA-Z0-9_./\-=]+$/.test(name)) {
+    throw new Error(`Invalid package name: "${name}". Only alphanumeric, -, _, ., /, @, and = are allowed.`);
+  }
+  return name;
+}
+
 // src/engine/image-builder.ts
+var exports_image_builder = {};
+__export(exports_image_builder, {
+  normalizePackages: () => normalizePackages,
+  imageExists: () => imageExists,
+  getCustomImageTag: () => getCustomImageTag,
+  ensureImages: () => ensureImages,
+  buildCustomImages: () => buildCustomImages,
+  buildBaseImages: () => buildBaseImages
+});
 import { createHash as createHash2 } from "node:crypto";
 import { existsSync as existsSync3, readFileSync as readFileSync2 } from "node:fs";
+import { join as join3 } from "node:path";
 function resolveDockerDir() {
   const fromBundled = new URL("./docker", import.meta.url).pathname;
   if (existsSync3(fromBundled)) {
@@ -556,6 +755,19 @@ function resolveDockerDir() {
   }
   return new URL("../../docker", import.meta.url).pathname;
 }
+function computeDockerDirHash() {
+  const hash = createHash2("sha256");
+  const files = [...DOCKER_BUILD_FILES].sort();
+  for (const file of files) {
+    const filePath = join3(DOCKERFILE_DIR, file);
+    if (existsSync3(filePath)) {
+      const content = readFileSync2(filePath);
+      hash.update(file);
+      hash.update(content);
+    }
+  }
+  return hash.digest("hex");
+}
 function computeDepsHash(runtime, packages) {
   const hash = createHash2("sha256");
   hash.update(runtime);
@@ -573,11 +785,206 @@ function getCustomImageTag(runtime, packages) {
   const shortHash = depsHash.slice(0, 12);
   return `isol8:${runtime}-custom-${shortHash}`;
 }
-var DOCKERFILE_DIR;
+async function getImageLabels(docker, imageName) {
+  try {
+    const image = docker.getImage(imageName);
+    const inspect = await image.inspect();
+    return inspect.Config?.Labels ?? {};
+  } catch {
+    return null;
+  }
+}
+async function removeImage(docker, imageId) {
+  try {
+    const image = docker.getImage(imageId);
+    await image.remove();
+    logger.debug(`[ImageBuilder] Removed old image: ${imageId.slice(0, 12)}`);
+  } catch (err) {
+    logger.debug(`[ImageBuilder] Could not remove image ${imageId.slice(0, 12)}: ${err}`);
+  }
+}
+async function buildBaseImages(docker, onProgress, force = false, onlyRuntimes) {
+  const allRuntimes = RuntimeRegistry.list();
+  const runtimes = onlyRuntimes ? allRuntimes.filter((r) => onlyRuntimes.includes(r.name)) : allRuntimes;
+  const dockerHash = computeDockerDirHash();
+  logger.debug(`[ImageBuilder] Docker directory hash: ${dockerHash.slice(0, 16)}...`);
+  for (const adapter of runtimes) {
+    const target = adapter.name;
+    const imageName = adapter.image;
+    if (!force) {
+      const labels = await getImageLabels(docker, imageName);
+      if (labels && labels[LABELS.dockerHash] === dockerHash) {
+        logger.debug(`[ImageBuilder] Base image ${target} is up to date, skipping build`);
+        onProgress?.({ runtime: target, status: "done", message: "Up to date" });
+        continue;
+      }
+    }
+    let oldImageId = null;
+    try {
+      const oldImage = await docker.getImage(imageName).inspect();
+      oldImageId = oldImage.Id;
+      logger.debug(`[ImageBuilder] Existing image ${target} ID: ${oldImageId.slice(0, 12)}`);
+    } catch {
+      logger.debug(`[ImageBuilder] No existing image for ${target}`);
+    }
+    onProgress?.({ runtime: target, status: "building" });
+    try {
+      const stream = await docker.buildImage({ context: DOCKERFILE_DIR, src: DOCKER_BUILD_FILES }, {
+        t: imageName,
+        target,
+        dockerfile: "Dockerfile",
+        labels: {
+          [LABELS.dockerHash]: dockerHash
+        }
+      });
+      await new Promise((resolve2, reject) => {
+        docker.modem.followProgress(stream, (err) => {
+          if (err) {
+            reject(err);
+          } else {
+            resolve2();
+          }
+        });
+      });
+      if (oldImageId) {
+        await removeImage(docker, oldImageId);
+      }
+      onProgress?.({ runtime: target, status: "done" });
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      onProgress?.({ runtime: target, status: "error", message });
+      throw new Error(`Failed to build image for ${target}: ${message}`);
+    }
+  }
+}
+async function buildCustomImages(docker, config, onProgress, force = false) {
+  const deps = config.dependencies;
+  const python = deps.python ? normalizePackages(deps.python) : [];
+  const node = deps.node ? normalizePackages(deps.node) : [];
+  const bun = deps.bun ? normalizePackages(deps.bun) : [];
+  const deno = deps.deno ? normalizePackages(deps.deno) : [];
+  const bash = deps.bash ? normalizePackages(deps.bash) : [];
+  if (python.length) {
+    await buildCustomImage(docker, "python", python, onProgress, force);
+  }
+  if (node.length) {
+    await buildCustomImage(docker, "node", node, onProgress, force);
+  }
+  if (bun.length) {
+    await buildCustomImage(docker, "bun", bun, onProgress, force);
+  }
+  if (deno.length) {
+    await buildCustomImage(docker, "deno", deno, onProgress, force);
+  }
+  if (bash.length) {
+    await buildCustomImage(docker, "bash", bash, onProgress, force);
+  }
+}
+async function buildCustomImage(docker, runtime, packages, onProgress, force = false) {
+  const normalizedPackages = normalizePackages(packages);
+  const tag = getCustomImageTag(runtime, normalizedPackages);
+  const depsHash = computeDepsHash(runtime, normalizedPackages);
+  logger.debug(`[ImageBuilder] ${runtime} custom deps hash: ${depsHash.slice(0, 16)}...`);
+  if (!force) {
+    const labels = await getImageLabels(docker, tag);
+    if (labels && labels[LABELS.depsHash] === depsHash) {
+      logger.debug(`[ImageBuilder] Custom image ${runtime} is up to date, skipping build`);
+      onProgress?.({ runtime, status: "done", message: "Up to date" });
+      return;
+    }
+  }
+  let oldImageId = null;
+  try {
+    const oldImage = await docker.getImage(tag).inspect();
+    oldImageId = oldImage.Id;
+    logger.debug(`[ImageBuilder] Existing custom image ${runtime} ID: ${oldImageId.slice(0, 12)}`);
+  } catch {
+    logger.debug(`[ImageBuilder] No existing custom image for ${runtime}`);
+  }
+  onProgress?.({
+    runtime,
+    status: "building",
+    message: `Custom: ${normalizedPackages.join(", ")}`
+  });
+  let installCmd;
+  switch (runtime) {
+    case "python":
+      installCmd = `RUN pip install --no-cache-dir ${normalizedPackages.join(" ")}`;
+      break;
+    case "node":
+      installCmd = `RUN npm install -g ${normalizedPackages.join(" ")}`;
+      break;
+    case "bun":
+      installCmd = `RUN bun install -g ${normalizedPackages.join(" ")}`;
+      break;
+    case "deno":
+      installCmd = normalizedPackages.map((p) => `RUN deno cache ${p}`).join(`
+`);
+      break;
+    case "bash":
+      installCmd = `RUN apk add --no-cache ${normalizedPackages.join(" ")}`;
+      break;
+    default:
+      throw new Error(`Unknown runtime: ${runtime}`);
+  }
+  const dockerfileContent = `FROM isol8:${runtime}
+${installCmd}
+`;
+  const { createTarBuffer: createTarBuffer2, validatePackageName: validatePackageName2 } = await Promise.resolve().then(() => exports_utils);
+  const { Readable } = await import("node:stream");
+  normalizedPackages.forEach(validatePackageName2);
+  const tarBuffer = createTarBuffer2("Dockerfile", dockerfileContent);
+  const stream = await docker.buildImage(Readable.from(tarBuffer), {
+    t: tag,
+    dockerfile: "Dockerfile",
+    labels: {
+      [LABELS.depsHash]: depsHash
+    }
+  });
+  await new Promise((resolve2, reject) => {
+    docker.modem.followProgress(stream, (err) => {
+      if (err) {
+        reject(err);
+      } else {
+        resolve2();
+      }
+    });
+  });
+  if (oldImageId) {
+    await removeImage(docker, oldImageId);
+  }
+  onProgress?.({ runtime, status: "done" });
+}
+async function imageExists(docker, imageName) {
+  try {
+    await docker.getImage(imageName).inspect();
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function ensureImages(docker, onProgress) {
+  const runtimes = RuntimeRegistry.list();
+  const missing = [];
+  for (const adapter of runtimes) {
+    if (!await imageExists(docker, adapter.image)) {
+      missing.push(adapter.name);
+    }
+  }
+  if (missing.length > 0) {
+    await buildBaseImages(docker, onProgress, false, missing);
+  }
+}
+var DOCKERFILE_DIR, LABELS, DOCKER_BUILD_FILES;
 var init_image_builder = __esm(() => {
   init_runtime();
   init_logger();
   DOCKERFILE_DIR = resolveDockerDir();
+  LABELS = {
+    dockerHash: "org.isol8.build.hash",
+    depsHash: "org.isol8.deps.hash"
+  };
+  DOCKER_BUILD_FILES = ["Dockerfile", "proxy.sh", "proxy-handler.sh"];
 });
 
 // src/engine/pool.ts
@@ -859,96 +1266,6 @@ function calculateResourceDelta(before, after) {
   };
 }
 
-// src/engine/utils.ts
-function parseMemoryLimit(limit) {
-  const match = limit.match(/^(\d+(?:\.\d+)?)\s*([kmgt]?)b?$/i);
-  if (!match) {
-    throw new Error(`Invalid memory limit format: "${limit}". Use e.g. "512m", "1g".`);
-  }
-  const value = Number.parseFloat(match[1]);
-  const unit = (match[2] || "b").toLowerCase();
-  const multipliers = {
-    b: 1,
-    k: 1024,
-    m: 1024 ** 2,
-    g: 1024 ** 3,
-    t: 1024 ** 4
-  };
-  return Math.floor(value * (multipliers[unit] ?? 1));
-}
-function truncateOutput(output, maxBytes) {
-  const encoder = new TextEncoder;
-  const bytes = encoder.encode(output);
-  if (bytes.length <= maxBytes) {
-    return { text: output, truncated: false };
-  }
-  const decoder = new TextDecoder("utf-8", { fatal: false });
-  const truncated = decoder.decode(bytes.slice(0, maxBytes));
-  return {
-    text: `${truncated}
-
---- OUTPUT TRUNCATED (${bytes.length} bytes, limit: ${maxBytes}) ---`,
-    truncated: true
-  };
-}
-function maskSecrets(text, secrets) {
-  let result = text;
-  for (const value of Object.values(secrets)) {
-    if (value.length > 0) {
-      result = result.replaceAll(value, "***");
-    }
-  }
-  return result;
-}
-function createTarBuffer(filePath, content) {
-  const data = typeof content === "string" ? Buffer.from(content, "utf-8") : content;
-  const headerSize = 512;
-  const dataBlocks = Math.ceil(data.length / 512);
-  const totalSize = headerSize + dataBlocks * 512 + 1024;
-  const buf = Buffer.alloc(totalSize);
-  buf.write(filePath.replace(/^\//, ""), 0, 100, "utf-8");
-  buf.write("0000644\x00", 100, 8, "utf-8");
-  buf.write("0000000\x00", 108, 8, "utf-8");
-  buf.write("0000000\x00", 116, 8, "utf-8");
-  buf.write(`${data.length.toString(8).padStart(11, "0")}\x00`, 124, 12, "utf-8");
-  buf.write(`${Math.floor(Date.now() / 1000).toString(8).padStart(11, "0")}\x00`, 136, 12, "utf-8");
-  buf.write("0", 156, 1, "utf-8");
-  buf.write("ustar\x00", 257, 6, "utf-8");
-  buf.write("00", 263, 2, "utf-8");
-  buf.write("        ", 148, 8, "utf-8");
-  let checksum = 0;
-  for (let i = 0;i < headerSize; i++) {
-    checksum += buf[i];
-  }
-  buf.write(`${checksum.toString(8).padStart(6, "0")}\x00 `, 148, 8, "utf-8");
-  data.copy(buf, headerSize);
-  return buf;
-}
-function extractFromTar(tarBuffer, targetPath) {
-  const normalizedTarget = targetPath.replace(/^\//, "");
-  const basename = targetPath.split("/").pop() ?? targetPath;
-  let offset = 0;
-  while (offset < tarBuffer.length - 512) {
-    const nameEnd = tarBuffer.indexOf(0, offset);
-    const name = tarBuffer.subarray(offset, Math.min(nameEnd, offset + 100)).toString("utf-8");
-    if (name.length === 0) {
-      break;
-    }
-    const sizeStr = tarBuffer.subarray(offset + 124, offset + 136).toString("utf-8").trim();
-    const size = Number.parseInt(sizeStr, 8);
-    if (Number.isNaN(size)) {
-      break;
-    }
-    const dataStart = offset + 512;
-    const dataBlocks = Math.ceil(size / 512);
-    if (name === normalizedTarget || name.endsWith(`/${normalizedTarget}`) || name === basename) {
-      return Buffer.from(tarBuffer.subarray(dataStart, dataStart + size));
-    }
-    offset = dataStart + dataBlocks * 512;
-  }
-  throw new Error(`File "${targetPath}" not found in tar archive`);
-}
-
 // src/engine/docker.ts
 var exports_docker = {};
 __export(exports_docker, {
@@ -1087,7 +1404,19 @@ function wrapWithTimeout(cmd, timeoutSec) {
 function getInstallCommand(runtime, packages) {
   switch (runtime) {
     case "python":
-      return ["pip", "install", "--user", "--no-cache-dir", "--break-system-packages", ...packages];
+      return [
+        "pip",
+        "install",
+        "--user",
+        "--no-cache-dir",
+        "--break-system-packages",
+        "--disable-pip-version-check",
+        "--retries",
+        "0",
+        "--timeout",
+        "15",
+        ...packages
+      ];
     case "node":
       return ["npm", "install", "--prefix", "/sandbox", ...packages];
     case "bun":
@@ -1100,8 +1429,9 @@ function getInstallCommand(runtime, packages) {
       throw new Error(`Unknown runtime for package install: ${runtime}`);
   }
 }
-async function installPackages(container, runtime, packages) {
-  const cmd = getInstallCommand(runtime, packages);
+async function installPackages(container, runtime, packages, timeoutMs) {
+  const timeoutSec = Math.max(1, Math.ceil(timeoutMs / 1000));
+  const cmd = wrapWithTimeout(getInstallCommand(runtime, packages), timeoutSec);
   logger.debug(`Installing packages: ${JSON.stringify(cmd)}`);
   const env = [
     "PATH=/sandbox/.local/bin:/sandbox/.npm-global/bin:/sandbox/.bun-global/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
@@ -1112,6 +1442,12 @@ async function installPackages(container, runtime, packages) {
     env.push("NPM_CONFIG_PREFIX=/sandbox/.npm-global");
     env.push("NPM_CONFIG_CACHE=/sandbox/.npm-cache");
     env.push("npm_config_cache=/sandbox/.npm-cache");
+    env.push("NPM_CONFIG_FETCH_RETRIES=0");
+    env.push("npm_config_fetch_retries=0");
+    env.push("NPM_CONFIG_FETCH_RETRY_MINTIMEOUT=1000");
+    env.push("npm_config_fetch_retry_mintimeout=1000");
+    env.push("NPM_CONFIG_FETCH_RETRY_MAXTIMEOUT=2000");
+    env.push("npm_config_fetch_retry_maxtimeout=2000");
   } else if (runtime === "bun") {
     env.push("BUN_INSTALL_GLOBAL_DIR=/sandbox/.bun-global");
     env.push("BUN_INSTALL_CACHE_DIR=/sandbox/.bun-cache");
@@ -1133,7 +1469,13 @@ async function installPackages(container, runtime, packages) {
     const stderrStream = new PassThrough;
     container.modem.demuxStream(stream, stdoutStream, stderrStream);
     stderrStream.on("data", (chunk) => {
-      stderr += chunk.toString();
+      const text = chunk.toString();
+      stderr += text;
+      logger.debug(`[install:${runtime}:stderr] ${text.trimEnd()}`);
+    });
+    stdoutStream.on("data", (chunk) => {
+      const text = chunk.toString();
+      logger.debug(`[install:${runtime}:stdout] ${text.trimEnd()}`);
     });
     stream.on("end", async () => {
       try {
@@ -1463,7 +1805,7 @@ class DockerIsol8 {
         const filePath = `${SANDBOX_WORKDIR}/main${ext}`;
         await writeFileViaExec(container, filePath, request.code);
         if (request.installPackages?.length) {
-          await installPackages(container, request.runtime, request.installPackages);
+          await installPackages(container, request.runtime, request.installPackages, timeoutMs);
         }
         if (request.files) {
           for (const [fPath, fContent] of Object.entries(request.files)) {
@@ -1532,6 +1874,26 @@ class DockerIsol8 {
         resolvedImage = legacyCustomTag;
       } catch {}
     }
+    try {
+      await this.docker.getImage(resolvedImage).inspect();
+    } catch {
+      logger.debug(`[ImageBuilder] Image ${resolvedImage} not found. Building...`);
+      const { buildBaseImages: buildBaseImages2, buildCustomImages: buildCustomImages2 } = await Promise.resolve().then(() => (init_image_builder(), exports_image_builder));
+      if (resolvedImage !== adapter.image && normalizedDeps.length > 0) {
+        try {
+          await this.docker.getImage(adapter.image).inspect();
+        } catch {
+          logger.debug(`[ImageBuilder] Base image ${adapter.image} missing. Building...`);
+          await buildBaseImages2(this.docker, undefined, false, [adapter.name]);
+        }
+        logger.debug(`[ImageBuilder] Building custom image for ${adapter.name}...`);
+        const dummyConfig = { dependencies: { [adapter.name]: normalizedDeps } };
+        await buildCustomImages2(this.docker, dummyConfig, undefined, false);
+      } else {
+        logger.debug(`[ImageBuilder] Building base image for ${adapter.name}...`);
+        await buildBaseImages2(this.docker, undefined, false, [adapter.name]);
+      }
+    }
     this.imageCache.set(cacheKey, resolvedImage);
     return resolvedImage;
   }
@@ -1592,7 +1954,7 @@ class DockerIsol8 {
         rawCmd = adapter.getCommand(req.code, filePath);
       }
       if (req.installPackages?.length) {
-        await installPackages(container, req.runtime, req.installPackages);
+        await installPackages(container, req.runtime, req.installPackages, timeoutMs);
       }
       const timeoutSec = Math.ceil(timeoutMs / 1000);
       let cmd;
@@ -1700,7 +2062,7 @@ class DockerIsol8 {
     const rawCmd = adapter.getCommand(req.code, filePath);
     const timeoutSec = Math.ceil(timeoutMs / 1000);
     if (req.installPackages?.length) {
-      await installPackages(this.container, req.runtime, req.installPackages);
+      await installPackages(this.container, req.runtime, req.installPackages, timeoutMs);
     }
     let cmd;
     if (req.stdin) {
@@ -1843,17 +2205,15 @@ class DockerIsol8 {
         const profile = readFileSync3(this.security.customProfilePath, "utf-8");
         opts.push(`seccomp=${profile}`);
       } catch (e) {
-        logger.error(`Failed to load custom seccomp profile: ${e}`);
+        throw new Error(`Failed to load custom seccomp profile at ${this.security.customProfilePath}: ${e}`);
       }
       return opts;
     }
     try {
       const profile = this.loadDefaultSeccompProfile();
-      if (profile) {
-        opts.push(`seccomp=${profile}`);
-      }
+      opts.push(`seccomp=${profile}`);
     } catch (e) {
-      logger.error(`Failed to load default seccomp profile: ${e}`);
+      throw new Error(`Failed to load default seccomp profile: ${e}`);
     }
     return opts;
   }
@@ -1866,8 +2226,11 @@ class DockerIsol8 {
     if (existsSync4(prodPath)) {
       return readFileSync3(prodPath, "utf-8");
     }
-    logger.warn("Could not locate default seccomp profile. Running without seccomp filter.");
-    return null;
+    if (EMBEDDED_DEFAULT_SECCOMP_PROFILE.length > 0) {
+      logger.debug(`Default seccomp profile file not found. Using embedded profile. Tried: ${devPath.pathname}, ${prodPath.pathname}`);
+      return EMBEDDED_DEFAULT_SECCOMP_PROFILE;
+    }
+    throw new Error("Embedded default seccomp profile is unavailable");
   }
   buildEnv(extra) {
     const env = [
@@ -2092,6 +2455,7 @@ var init_docker = __esm(() => {
   init_logger();
   init_audit();
   init_code_fetcher();
+  init_default_seccomp_profile();
   init_image_builder();
   init_pool();
   MAX_OUTPUT_BYTES = 1024 * 1024;
@@ -2235,7 +2599,8 @@ var DEFAULT_CONFIG = {
     cpuLimit: 1,
     network: "none",
     sandboxSize: "512m",
-    tmpSize: "256m"
+    tmpSize: "256m",
+    readonlyRootFs: true
   },
   network: {
     whitelist: [],
@@ -2304,7 +2669,8 @@ function mergeConfig(defaults, overrides) {
     maxConcurrent: overrides.maxConcurrent ?? defaults.maxConcurrent,
     defaults: {
       ...defaults.defaults,
-      ...overrides.defaults
+      ...overrides.defaults,
+      readonlyRootFs: overrides.defaults?.readonlyRootFs ?? defaults.defaults.readonlyRootFs
     },
     network: {
       whitelist: overrides.network?.whitelist ?? defaults.network.whitelist,
@@ -2349,7 +2715,7 @@ init_logger();
 // package.json
 var package_default = {
   name: "isol8",
-  version: "0.11.1",
+  version: "0.12.0-alpha.0",
   description: "Secure code execution engine for AI agents",
   author: "Illusion47586",
   license: "MIT",
@@ -2501,6 +2867,50 @@ async function createServer(options) {
   logger.debug(`[Server] Auto-prune: ${config.cleanup.autoPrune}`);
   const app = new Hono;
   const globalSemaphore = new Semaphore(config.maxConcurrent);
+  let pruneInterval;
+  let cleanupInFlight = null;
+  const cleanupSessions = async () => {
+    let removed = 0;
+    let failed = 0;
+    const errors = [];
+    for (const [id, session] of sessions) {
+      try {
+        await session.engine.stop();
+        removed++;
+      } catch (err) {
+        failed++;
+        const errorMsg = err instanceof Error ? err.message : String(err);
+        errors.push(`${id}: ${errorMsg}`);
+      } finally {
+        sessions.delete(id);
+      }
+    }
+    return { removed, failed, errors };
+  };
+  const runCleanup = async (includeImages) => {
+    if (cleanupInFlight) {
+      return cleanupInFlight;
+    }
+    cleanupInFlight = (async () => {
+      logger.info(`[Server] Starting cleanup (sessions=true containers=true images=${includeImages})`);
+      const sessionsResult = await cleanupSessions();
+      const containersResult = await DockerIsol82.cleanup();
+      const result = {
+        sessions: sessionsResult,
+        containers: containersResult
+      };
+      if (includeImages) {
+        result.images = await DockerIsol82.cleanupImages();
+      }
+      logger.info(`[Server] Cleanup complete: sessions=${result.sessions.removed}/${result.sessions.failed} containers=${result.containers.removed}/${result.containers.failed}${result.images ? ` images=${result.images.removed}/${result.images.failed}` : ""}`);
+      return result;
+    })();
+    try {
+      return await cleanupInFlight;
+    } finally {
+      cleanupInFlight = null;
+    }
+  };
   app.use("*", authMiddleware(options.apiKey));
   app.get("/health", (c) => c.json({ status: "ok", version: VERSION }));
   app.post("/execute", async (c) => {
@@ -2681,8 +3091,21 @@ async function createServer(options) {
     }
     return c.json({ ok: true });
   });
+  app.post("/cleanup", async (c) => {
+    const body = await c.req.json().catch(() => ({}));
+    const includeImages = body.images ?? true;
+    logger.debug(`[Server] POST /cleanup images=${includeImages}`);
+    try {
+      const result = await runCleanup(includeImages);
+      return c.json({ ok: true, ...result });
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      logger.error(`[Server] Cleanup failed: ${message}`);
+      return c.json({ error: message }, 500);
+    }
+  });
   if (config.cleanup.autoPrune) {
-    setInterval(async () => {
+    pruneInterval = setInterval(async () => {
       const maxAge = config.cleanup.maxContainerAgeMs;
       const now = Date.now();
       for (const [id, session] of sessions) {
@@ -2700,7 +3123,15 @@ async function createServer(options) {
   return {
     app,
     fetch: app.fetch,
-    port: options.port
+    port: options.port,
+    cleanup: async (includeImages = true) => runCleanup(includeImages),
+    shutdown: async (includeImages = true) => {
+      if (pruneInterval) {
+        clearInterval(pruneInterval);
+        pruneInterval = undefined;
+      }
+      await runCleanup(includeImages);
+    }
   };
 }
 export {
@@ -2717,4 +3148,4 @@ export {
   BunAdapter
 };
 
-//# debugId=E6910E46B07952A064756E2164756E21
+//# debugId=8EC327761CD2C45664756E2164756E21