isol8 0.8.3 → 0.9.0

package/dist/cli.js

@@ -5038,23 +5038,23 @@ var require_nacl_fast = __commonJS((exports, module) => {
       randombytes = fn;
     };
     (function() {
-      var crypto = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
-      if (crypto && crypto.getRandomValues) {
+      var crypto2 = typeof self !== "undefined" ? self.crypto || self.msCrypto : null;
+      if (crypto2 && crypto2.getRandomValues) {
         var QUOTA = 65536;
         nacl.setPRNG(function(x, n) {
           var i, v = new Uint8Array(n);
           for (i = 0;i < n; i += QUOTA) {
-            crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
+            crypto2.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
           }
           for (i = 0;i < n; i++)
             x[i] = v[i];
           cleanup(v);
         });
       } else if (true) {
-        crypto = __require("crypto");
-        if (crypto && crypto.randomBytes) {
+        crypto2 = __require("crypto");
+        if (crypto2 && crypto2.randomBytes) {
           nacl.setPRNG(function(x, n) {
-            var i, v = crypto.randomBytes(n);
+            var i, v = crypto2.randomBytes(n);
             for (i = 0;i < n; i++)
               x[i] = v[i];
             cleanup(v);
@@ -6329,14 +6329,14 @@ var require_lib2 = __commonJS((exports, module) => {
 
 // node_modules/ssh2/lib/protocol/constants.js
 var require_constants = __commonJS((exports, module) => {
-  var crypto = __require("crypto");
+  var crypto2 = __require("crypto");
   var cpuInfo;
   try {
     cpuInfo = require_lib2()();
   } catch {}
   var { bindingAvailable, CIPHER_INFO, MAC_INFO } = require_crypto();
   var eddsaSupported = (() => {
-    if (typeof crypto.sign === "function" && typeof crypto.verify === "function") {
+    if (typeof crypto2.sign === "function" && typeof crypto2.verify === "function") {
       const key = `-----BEGIN PRIVATE KEY-----\r
 MC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD` + `/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r
 -----END PRIVATE KEY-----`;
@@ -6344,14 +6344,14 @@ MC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD` + `/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r
       let sig;
       let verified;
       try {
-        sig = crypto.sign(null, data, key);
-        verified = crypto.verify(null, data, key, sig);
+        sig = crypto2.sign(null, data, key);
+        verified = crypto2.verify(null, data, key, sig);
       } catch {}
       return Buffer.isBuffer(sig) && sig.length === 64 && verified === true;
     }
     return false;
   })();
-  var curve25519Supported = typeof crypto.diffieHellman === "function" && typeof crypto.generateKeyPairSync === "function" && typeof crypto.createPublicKey === "function";
+  var curve25519Supported = typeof crypto2.diffieHellman === "function" && typeof crypto2.generateKeyPairSync === "function" && typeof crypto2.createPublicKey === "function";
   var DEFAULT_KEX = [
     "ecdh-sha2-nistp256",
     "ecdh-sha2-nistp384",
@@ -6386,7 +6386,7 @@ MC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD` + `/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r
     "ssh-dss"
   ]);
   var canUseCipher = (() => {
-    const ciphers = crypto.getCiphers();
+    const ciphers = crypto2.getCiphers();
     return (name) => ciphers.includes(CIPHER_INFO[name].sslName);
   })();
   var DEFAULT_CIPHER = [
@@ -6421,7 +6421,7 @@ MC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD` + `/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r
     "arcfour"
   ].filter(canUseCipher));
   var canUseMAC = (() => {
-    const hashes = crypto.getHashes();
+    const hashes = crypto2.getHashes();
     return (name) => hashes.includes(MAC_INFO[name].sslName);
   })();
   var DEFAULT_MAC = [
@@ -54803,6 +54803,10 @@ function mergeConfig(defaults, overrides) {
       seccomp: overrides.security?.seccomp ?? defaults.security.seccomp,
       customProfilePath: overrides.security?.customProfilePath ?? defaults.security.customProfilePath
     },
+    audit: {
+      ...defaults.audit,
+      ...overrides.audit
+    },
     debug: overrides.debug ?? defaults.debug
   };
 }
@@ -54830,6 +54834,16 @@ var init_config = __esm(() => {
     security: {
       seccomp: "strict"
     },
+    audit: {
+      enabled: false,
+      destination: "filesystem",
+      logDir: undefined,
+      postLogScript: undefined,
+      trackResources: true,
+      retentionDays: 90,
+      includeCode: false,
+      includeOutput: false
+    },
     debug: false
   };
 });
@@ -55022,6 +55036,144 @@ var init_logger = __esm(() => {
   logger = new Logger;
 });
 
+// src/engine/audit.ts
+import { spawn } from "node:child_process";
+import { appendFileSync, existsSync as existsSync2, mkdirSync, readdirSync, statSync, unlinkSync } from "node:fs";
+import { join as join2 } from "node:path";
+
+class AuditLogger {
+  config;
+  auditFile;
+  constructor(config) {
+    this.config = config;
+    const auditDir = config.logDir ?? process.env.ISOL8_AUDIT_DIR ?? join2(process.cwd(), "./.isol8_audit");
+    this.auditFile = join2(auditDir, "executions.log");
+    if (!existsSync2(auditDir)) {
+      try {
+        mkdirSync(auditDir, { recursive: true });
+      } catch (err) {
+        logger.error("Failed to create audit dir:", err);
+      }
+    }
+    this.cleanupOldLogs();
+  }
+  cleanupOldLogs() {
+    if (!this.config.enabled || this.config.retentionDays <= 0) {
+      return;
+    }
+    try {
+      const auditDir = join2(this.auditFile, "..");
+      if (!existsSync2(auditDir)) {
+        return;
+      }
+      const cutoffTime = Date.now() - this.config.retentionDays * 24 * 60 * 60 * 1000;
+      const files = readdirSync(auditDir);
+      let cleanedCount = 0;
+      for (const file of files) {
+        if (file.endsWith(".log") || file.endsWith(".jsonl")) {
+          const filePath = join2(auditDir, file);
+          try {
+            const stats = statSync(filePath);
+            if (stats.mtimeMs < cutoffTime) {
+              unlinkSync(filePath);
+              cleanedCount++;
+              logger.debug(`Cleaned up old audit log: ${file}`);
+            }
+          } catch (err) {
+            logger.debug(`Failed to check/remove old log file ${file}:`, err);
+          }
+        }
+      }
+      if (cleanedCount > 0) {
+        logger.info(`Audit log cleanup: removed ${cleanedCount} old log files`);
+      }
+    } catch (err) {
+      logger.error("Failed to cleanup old audit logs:", err);
+    }
+  }
+  record(audit) {
+    if (!this.config.enabled) {
+      return;
+    }
+    try {
+      const filteredAudit = this.filterAuditData(audit);
+      const line = `${JSON.stringify(filteredAudit)}
+`;
+      switch (this.config.destination) {
+        case "file":
+        case "filesystem":
+          appendFileSync(this.auditFile, line, { encoding: "utf-8" });
+          break;
+        case "stdout":
+          console.log("AUDIT_LOG:", filteredAudit);
+          break;
+        default:
+          logger.error(`Unsupported audit destination: ${this.config.destination}`);
+          return;
+      }
+      logger.debug("Audit record written:", audit.executionId);
+      if (this.config.postLogScript) {
+        this.runPostLogScript();
+      }
+    } catch (err) {
+      logger.error("Failed to write audit record:", err);
+    }
+  }
+  runPostLogScript() {
+    if (!this.config.postLogScript) {
+      return;
+    }
+    try {
+      const child = spawn(this.config.postLogScript, [this.auditFile], {
+        detached: true,
+        stdio: "ignore"
+      });
+      child.on("error", (err) => {
+        logger.error("Failed to run post-log script:", err);
+      });
+      child.unref();
+    } catch (err) {
+      logger.error("Failed to spawn post-log script:", err);
+    }
+  }
+  filterAuditData(audit) {
+    const result = {
+      executionId: audit.executionId,
+      userId: audit.userId,
+      timestamp: audit.timestamp,
+      runtime: audit.runtime,
+      codeHash: audit.codeHash,
+      containerId: audit.containerId,
+      exitCode: audit.exitCode,
+      durationMs: audit.durationMs
+    };
+    if (audit.resourceUsage !== undefined) {
+      result.resourceUsage = audit.resourceUsage;
+    }
+    if (audit.securityEvents !== undefined) {
+      result.securityEvents = audit.securityEvents;
+    }
+    if (audit.metadata !== undefined) {
+      result.metadata = audit.metadata;
+    }
+    if (this.config.includeCode && audit.code !== undefined) {
+      result.code = audit.code;
+    }
+    if (this.config.includeOutput) {
+      if (audit.stdout !== undefined) {
+        result.stdout = audit.stdout;
+      }
+      if (audit.stderr !== undefined) {
+        result.stderr = audit.stderr;
+      }
+    }
+    return result;
+  }
+}
+var init_audit = __esm(() => {
+  init_logger();
+});
+
 // src/engine/concurrency.ts
 class Semaphore {
   max;
@@ -55180,6 +55332,51 @@ var init_pool = __esm(() => {
   init_logger();
 });
 
+// src/engine/stats.ts
+function calculateCPUPercent(stats) {
+  const cpuDelta = stats.cpu_stats.cpu_usage.total_usage - stats.precpu_stats.cpu_usage.total_usage;
+  const systemDelta = stats.cpu_stats.system_cpu_usage - stats.precpu_stats.system_cpu_usage;
+  if (systemDelta === 0 || cpuDelta === 0) {
+    return 0;
+  }
+  const numCores = stats.cpu_stats.online_cpus ?? stats.cpu_stats.cpu_usage.percpu_usage?.length ?? 1;
+  return cpuDelta / systemDelta * numCores * 100;
+}
+function calculateNetworkStats(stats) {
+  if (!stats.networks) {
+    return { in: 0, out: 0 };
+  }
+  let rxBytes = 0;
+  let txBytes = 0;
+  for (const iface of Object.values(stats.networks)) {
+    rxBytes += iface.rx_bytes;
+    txBytes += iface.tx_bytes;
+  }
+  return { in: rxBytes, out: txBytes };
+}
+async function getContainerStats(container) {
+  const stats = await container.stats({
+    stream: false
+  });
+  const cpuPercent = calculateCPUPercent(stats);
+  const memoryBytes = stats.memory_stats.usage;
+  const network = calculateNetworkStats(stats);
+  return {
+    cpuPercent: Math.round(cpuPercent * 100) / 100,
+    memoryMB: Math.round(memoryBytes / (1024 * 1024)),
+    networkBytesIn: network.in,
+    networkBytesOut: network.out
+  };
+}
+function calculateResourceDelta(before, after) {
+  return {
+    cpuPercent: after.cpuPercent,
+    memoryMB: after.memoryMB,
+    networkBytesIn: after.networkBytesIn - before.networkBytesIn,
+    networkBytesOut: after.networkBytesOut - before.networkBytesOut
+  };
+}
+
 // src/engine/utils.ts
 var exports_utils = {};
 __export(exports_utils, {
@@ -55290,14 +55487,14 @@ var exports_docker = {};
 __export(exports_docker, {
   DockerIsol8: () => DockerIsol8
 });
-import { spawn } from "node:child_process";
+import { spawn as spawn2 } from "node:child_process";
 import { randomUUID } from "node:crypto";
-import { existsSync as existsSync2, readFileSync as readFileSync2 } from "node:fs";
+import { existsSync as existsSync3, readFileSync as readFileSync2 } from "node:fs";
 import { PassThrough } from "node:stream";
 async function writeFileViaExec(container, filePath, content) {
   const data = typeof content === "string" ? Buffer.from(content, "utf-8") : content;
   return new Promise((resolve2, reject) => {
-    const child = spawn("docker", ["exec", "-i", "-u", "sandbox", container.id, "sh", "-c", `cat > ${filePath}`], {
+    const child = spawn2("docker", ["exec", "-i", "-u", "sandbox", container.id, "sh", "-c", `cat > ${filePath}`], {
       stdio: ["pipe", "ignore", "pipe"]
     });
     child.on("error", (err) => {
@@ -55483,6 +55680,7 @@ class DockerIsol8 {
   tmpSize;
   security;
   persist;
+  auditLogger;
   container = null;
   persistentRuntime = null;
   pool = null;
@@ -55504,6 +55702,9 @@ class DockerIsol8 {
     this.tmpSize = options.tmpSize ?? "256m";
     this.persist = options.persist ?? false;
     this.security = options.security ?? { seccomp: "strict" };
+    if (options.audit) {
+      this.auditLogger = new AuditLogger(options.audit);
+    }
     if (options.debug) {
       logger.setDebug(true);
     }
@@ -55527,12 +55728,79 @@ class DockerIsol8 {
   }
   async execute(req) {
     await this.semaphore.acquire();
+    const startTime = Date.now();
     try {
-      return this.mode === "persistent" ? await this.executePersistent(req) : await this.executeEphemeral(req);
+      const result = this.mode === "persistent" ? await this.executePersistent(req, startTime) : await this.executeEphemeral(req, startTime);
+      return result;
     } finally {
       this.semaphore.release();
     }
   }
+  async recordAudit(req, result, startTime, container) {
+    try {
+      const enc = new TextEncoder;
+      const data = enc.encode(req.code);
+      const digest = await crypto.subtle.digest("SHA-256", data);
+      const codeHash = Array.from(new Uint8Array(digest)).map((b) => b.toString(16).padStart(2, "0")).join("");
+      let securityEvents;
+      if (container && this.network === "filtered") {
+        securityEvents = await this.collectSecurityEvents(container);
+        if (securityEvents.length === 0) {
+          securityEvents = undefined;
+        }
+      }
+      const audit = {
+        executionId: result.executionId,
+        userId: req.metadata?.userId || "",
+        timestamp: new Date(startTime).toISOString(),
+        runtime: result.runtime,
+        codeHash,
+        containerId: result.containerId || "",
+        exitCode: result.exitCode,
+        durationMs: result.durationMs,
+        resourceUsage: result.resourceUsage,
+        securityEvents,
+        metadata: req.metadata
+      };
+      this.auditLogger.record(audit);
+    } catch (err) {
+      logger.error("Failed to record audit log:", err);
+    }
+  }
+  async collectSecurityEvents(container) {
+    const events = [];
+    try {
+      const exec = await container.exec({
+        Cmd: ["cat", "/tmp/isol8-proxy/security-events.jsonl"],
+        AttachStdout: true,
+        AttachStderr: false,
+        User: "root"
+      });
+      const stream = await exec.start({ Tty: false });
+      const chunks = [];
+      for await (const chunk of stream) {
+        chunks.push(chunk);
+      }
+      const output = Buffer.concat(chunks).toString("utf-8").trim();
+      if (output) {
+        for (const line of output.split(`
+`)) {
+          if (line.trim()) {
+            try {
+              const event = JSON.parse(line);
+              events.push({
+                type: event.type || "unknown",
+                message: `Security event: ${event.type}`,
+                details: event.details || {},
+                timestamp: event.timestamp || new Date().toISOString()
+              });
+            } catch {}
+          }
+        }
+      }
+    } catch {}
+    return events;
+  }
   async putFile(path, content) {
     if (!this.container) {
       throw new Error("No active container. Call execute() first in persistent mode.");
@@ -55640,7 +55908,7 @@ class DockerIsol8 {
       return adapter.image;
     }
   }
-  async executeEphemeral(req) {
+  async executeEphemeral(req, startTime) {
     const adapter = this.getAdapter(req.runtime);
     const timeoutMs = req.timeoutMs ?? this.defaultTimeoutMs;
     const image = await this.resolveImage(adapter);
@@ -55659,6 +55927,14 @@ class DockerIsol8 {
       });
     }
     const container = await this.pool.acquire(image);
+    let startStats;
+    if (this.auditLogger) {
+      try {
+        startStats = await getContainerStats(container);
+      } catch (err) {
+        logger.debug("Failed to collect baseline stats:", err);
+      }
+    }
     try {
       if (this.network === "filtered") {
         await startProxy(container, this.networkFilter);
@@ -55699,7 +55975,16 @@ class DockerIsol8 {
       const { stdout, stderr, truncated } = await this.collectExecOutput(execStream, container, timeoutMs);
       const durationMs = Math.round(performance.now() - start);
       const inspectResult = await exec.inspect();
-      return {
+      let resourceUsage;
+      if (startStats) {
+        try {
+          const endStats = await getContainerStats(container);
+          resourceUsage = calculateResourceDelta(startStats, endStats);
+        } catch (err) {
+          logger.debug("Failed to collect final stats:", err);
+        }
+      }
+      const result = {
         stdout: this.postProcessOutput(stdout, truncated),
         stderr: this.postProcessOutput(stderr, false),
         exitCode: inspectResult.ExitCode ?? 1,
@@ -55709,8 +55994,13 @@ class DockerIsol8 {
         runtime: req.runtime,
         timestamp: new Date().toISOString(),
         containerId: container.id,
+        ...resourceUsage ? { resourceUsage } : {},
         ...req.outputPaths ? { files: await this.retrieveFiles(container, req.outputPaths) } : {}
       };
+      if (this.auditLogger) {
+        await this.recordAudit(req, result, startTime, container);
+      }
+      return result;
     } finally {
       if (this.persist) {
         logger.debug(`[Persist] Leaving container running for inspection: ${container.id}`);
@@ -55719,7 +56009,7 @@ class DockerIsol8 {
       }
     }
   }
-  async executePersistent(req) {
+  async executePersistent(req, startTime) {
     const adapter = this.getAdapter(req.runtime);
     const timeoutMs = req.timeoutMs ?? this.defaultTimeoutMs;
     if (!this.container) {
@@ -55773,7 +56063,21 @@ class DockerIsol8 {
     const { stdout, stderr, truncated } = await this.collectExecOutput(execStream, this.container, timeoutMs);
     const durationMs = Math.round(performance.now() - start);
     const inspectResult = await exec.inspect();
-    return {
+    let resourceUsage;
+    if (this.auditLogger) {
+      try {
+        const endStats = await getContainerStats(this.container);
+        resourceUsage = {
+          cpuPercent: endStats.cpuPercent,
+          memoryMB: endStats.memoryMB,
+          networkBytesIn: endStats.networkBytesIn,
+          networkBytesOut: endStats.networkBytesOut
+        };
+      } catch (err) {
+        logger.debug("Failed to collect resource stats:", err);
+      }
+    }
+    const result = {
       stdout: this.postProcessOutput(stdout, truncated),
       stderr: this.postProcessOutput(stderr, false),
       exitCode: inspectResult.ExitCode ?? 1,
@@ -55783,8 +56087,13 @@ class DockerIsol8 {
       runtime: req.runtime,
       timestamp: new Date().toISOString(),
       containerId: this.container?.id,
+      ...resourceUsage ? { resourceUsage } : {},
       ...req.outputPaths ? { files: await this.retrieveFiles(this.container, req.outputPaths) } : {}
     };
+    if (this.auditLogger) {
+      await this.recordAudit(req, result, startTime, this.container);
+    }
+    return result;
   }
   async retrieveFiles(container, paths) {
     const files = {};
@@ -55876,11 +56185,11 @@ class DockerIsol8 {
   }
   loadDefaultSeccompProfile() {
     const devPath = new URL("../../docker/seccomp-profile.json", import.meta.url);
-    if (existsSync2(devPath)) {
+    if (existsSync3(devPath)) {
       return readFileSync2(devPath, "utf-8");
     }
     const prodPath = new URL("./docker/seccomp-profile.json", import.meta.url);
-    if (existsSync2(prodPath)) {
+    if (existsSync3(prodPath)) {
       return readFileSync2(prodPath, "utf-8");
     }
     logger.warn("Could not locate default seccomp profile. Running without seccomp filter.");
@@ -56086,6 +56395,7 @@ var import_dockerode, SANDBOX_WORKDIR = "/sandbox", MAX_OUTPUT_BYTES, PROXY_PORT
 var init_docker = __esm(() => {
   init_runtime();
   init_logger();
+  init_audit();
   init_pool();
   import_dockerode = __toESM(require_docker(), 1);
   MAX_OUTPUT_BYTES = 1024 * 1024;
@@ -56096,7 +56406,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "isol8",
-    version: "0.8.2",
+    version: "0.8.3",
     description: "Secure code execution engine for AI agents",
     author: "Illusion47586",
     license: "MIT",
@@ -57854,7 +58164,8 @@ async function createServer(options) {
       sandboxSize: config.defaults.sandboxSize,
       tmpSize: config.defaults.tmpSize,
       ...body.options,
-      mode: body.sessionId ? "persistent" : "ephemeral"
+      mode: body.sessionId ? "persistent" : "ephemeral",
+      audit: config.audit
     };
     let engine;
     if (body.sessionId) {
@@ -58025,15 +58336,15 @@ var init_server = __esm(() => {
 // src/cli.ts
 import {
   chmodSync,
-  existsSync as existsSync4,
-  mkdirSync,
+  existsSync as existsSync5,
+  mkdirSync as mkdirSync2,
   readFileSync as readFileSync3,
   renameSync,
-  unlinkSync,
+  unlinkSync as unlinkSync2,
   writeFileSync
 } from "node:fs";
 import { arch, homedir as homedir2, platform } from "node:os";
-import { join as join2, resolve as resolve2 } from "node:path";
+import { join as join3, resolve as resolve2 } from "node:path";
 
 // node_modules/commander/esm.mjs
 var import__ = __toESM(require_commander(), 1);
@@ -61427,10 +61738,10 @@ init_docker();
 
 // src/engine/image-builder.ts
 init_runtime();
-import { existsSync as existsSync3 } from "node:fs";
+import { existsSync as existsSync4 } from "node:fs";
 function resolveDockerDir() {
   const fromBundled = new URL("../docker", import.meta.url).pathname;
-  if (existsSync3(fromBundled)) {
+  if (existsSync4(fromBundled)) {
     return fromBundled;
   }
   return new URL("../../docker", import.meta.url).pathname;
@@ -61783,7 +62094,7 @@ function getServerBinaryName() {
   return `isol8-server-${resolvedOs}-${resolvedArch}`;
 }
 async function getServerBinaryVersion(binaryPath) {
-  if (!existsSync4(binaryPath)) {
+  if (!existsSync5(binaryPath)) {
     logger.debug(`[Serve] No binary found at ${binaryPath}`);
     return null;
   }
@@ -61816,8 +62127,8 @@ async function downloadServerBinary(binaryPath) {
       }
       process.exit(1);
     }
-    const binDir = join2(homedir2(), ".isol8", "bin");
-    mkdirSync(binDir, { recursive: true });
+    const binDir = join3(homedir2(), ".isol8", "bin");
+    mkdirSync2(binDir, { recursive: true });
     const tmpPath = `${binaryPath}.tmp`;
     const buffer = Buffer.from(await response.arrayBuffer());
     writeFileSync(tmpPath, buffer);
@@ -61828,8 +62139,8 @@ async function downloadServerBinary(binaryPath) {
   } catch (err) {
     spinner.fail("Failed to download server binary");
     const tmpPath = `${binaryPath}.tmp`;
-    if (existsSync4(tmpPath)) {
-      unlinkSync(tmpPath);
+    if (existsSync5(tmpPath)) {
+      unlinkSync2(tmpPath);
     }
     throw err;
   }
@@ -61848,8 +62159,8 @@ async function promptYesNo(question) {
   return normalized === "" || normalized === "y" || normalized === "yes";
 }
 async function ensureServerBinary(forceUpdate) {
-  const binDir = join2(homedir2(), ".isol8", "bin");
-  const binaryPath = join2(binDir, "isol8-server");
+  const binDir = join3(homedir2(), ".isol8", "bin");
+  const binaryPath = join3(binDir, "isol8-server");
   logger.debug(`[Serve] Binary path: ${binaryPath}, forceUpdate: ${forceUpdate}`);
   if (forceUpdate) {
     logger.debug("[Serve] Force update requested");
@@ -61879,10 +62190,10 @@ async function ensureServerBinary(forceUpdate) {
 program2.command("config").description("Show the resolved isol8 configuration").option("--json", "Output as raw JSON").action((opts) => {
   const config = loadConfig();
   const searchPaths = [
-    join2(resolve2(process.cwd()), "isol8.config.json"),
-    join2(homedir2(), ".isol8", "config.json")
+    join3(resolve2(process.cwd()), "isol8.config.json"),
+    join3(homedir2(), ".isol8", "config.json")
   ];
-  const loadedFrom = searchPaths.find((p) => existsSync4(p));
+  const loadedFrom = searchPaths.find((p) => existsSync5(p));
   logger.debug(`[Config] Config source: ${loadedFrom ?? "defaults"}`);
   logger.debug(`[Config] Resolved config: ${JSON.stringify(config)}`);
   if (opts.json) {
@@ -62017,7 +62328,7 @@ async function resolveRunInput(file, opts) {
   } else if (file) {
     const filePath = resolve2(file);
     logger.debug(`[Run] Reading file: ${filePath}`);
-    if (!existsSync4(filePath)) {
+    if (!existsSync5(filePath)) {
       console.error(`[ERR] File not found: ${file}`);
       process.exit(1);
     }
@@ -62104,4 +62415,4 @@ if (!process.argv.slice(2).length) {
 }
 program2.parse();
 
-//# debugId=6B900589B43971DE64756E2164756E21
+//# debugId=618F453F99998F9064756E2164756E21

package/dist/docker/proxy-handler.sh

@@ -71,6 +71,10 @@ if [ "$method" = "CONNECT" ]; then
 
   if ! is_allowed "$host"; then
     msg="isol8: CONNECT to ${host} blocked by network filter"
+    # Log security event
+    if [ -d "/tmp/isol8-proxy" ]; then
+      printf '{"type":"network_blocked","timestamp":"%s","details":{"method":"CONNECT","host":"%s","reason":"filter_mismatch"}}\n' "$(date -Iseconds)" "$host" >> /tmp/isol8-proxy/security-events.jsonl
+    fi
     printf "HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain\r\nContent-Length: %d\r\n\r\n%s" \
       "${#msg}" "$msg"
     exit 0
@@ -96,6 +100,10 @@ port="${hostport##*:}"
 
 if ! is_allowed "$host"; then
   msg="isol8: request to ${host} blocked by network filter"
+  # Log security event
+  if [ -d "/tmp/isol8-proxy" ]; then
+    printf '{"type":"network_blocked","timestamp":"%s","details":{"method":"%s","host":"%s","reason":"filter_mismatch"}}\n' "$(date -Iseconds)" "$method" "$host" >> /tmp/isol8-proxy/security-events.jsonl
+  fi
   printf "HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain\r\nContent-Length: %d\r\n\r\n%s" \
     "${#msg}" "$msg"
   exit 0

package/dist/docker/proxy.sh

@@ -17,6 +17,9 @@ PORT="${ISOL8_PROXY_PORT:-8118}"
 PROXY_DIR="/tmp/isol8-proxy"
 mkdir -p "$PROXY_DIR"
 
+# Create security events log file
+touch "$PROXY_DIR/security-events.jsonl"
+
 WL_FILE="$PROXY_DIR/whitelist"
 BL_FILE="$PROXY_DIR/blacklist"