isol8 0.8.3 → 0.9.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +390 -78
- package/dist/docker/proxy-handler.sh +8 -0
- package/dist/docker/proxy.sh +3 -0
- package/dist/index.js +325 -13
- package/dist/src/config.d.ts.map +1 -1
- package/dist/src/engine/audit.d.ts +31 -0
- package/dist/src/engine/audit.d.ts.map +1 -0
- package/dist/src/engine/docker.d.ts +9 -0
- package/dist/src/engine/docker.d.ts.map +1 -1
- package/dist/src/engine/image-builder.d.ts.map +1 -1
- package/dist/src/engine/stats.d.ts +35 -0
- package/dist/src/engine/stats.d.ts.map +1 -0
- package/dist/src/server/index.d.ts.map +1 -1
- package/dist/src/types.d.ts +85 -0
- package/dist/src/types.d.ts.map +1 -1
- package/package.json +2 -1
- package/schema/isol8.config.schema.json +47 -0
package/dist/src/types.d.ts
CHANGED
|
@@ -66,6 +66,11 @@ export interface ExecutionRequest {
|
|
|
66
66
|
* e.g. `["numpy", "pandas"]` for Python or `["lodash"]` for Node.
|
|
67
67
|
*/
|
|
68
68
|
installPackages?: string[];
|
|
69
|
+
/**
|
|
70
|
+
* Additional metadata to include in audit logs (userId, tenantId, etc.).
|
|
71
|
+
* Passed through to audit logs when audit logging is enabled.
|
|
72
|
+
*/
|
|
73
|
+
metadata?: Record<string, string>;
|
|
69
74
|
}
|
|
70
75
|
/**
|
|
71
76
|
* The result of a code execution.
|
|
@@ -95,6 +100,22 @@ export interface ExecutionResult {
|
|
|
95
100
|
* Only populated when {@link ExecutionRequest.outputPaths} is specified.
|
|
96
101
|
*/
|
|
97
102
|
files?: Record<string, string>;
|
|
103
|
+
/**
|
|
104
|
+
* Resource usage metrics collected during execution.
|
|
105
|
+
* Only populated when audit logging with trackResources is enabled.
|
|
106
|
+
*/
|
|
107
|
+
resourceUsage?: {
|
|
108
|
+
/** CPU usage as percentage (0-100 * num_cores) */
|
|
109
|
+
cpuPercent: number;
|
|
110
|
+
/** Current memory usage in megabytes */
|
|
111
|
+
memoryMB: number;
|
|
112
|
+
/** Peak memory usage in megabytes (if tracked) */
|
|
113
|
+
peakMemoryMB?: number;
|
|
114
|
+
/** Bytes received during execution */
|
|
115
|
+
networkBytesIn: number;
|
|
116
|
+
/** Bytes sent during execution */
|
|
117
|
+
networkBytesOut: number;
|
|
118
|
+
};
|
|
98
119
|
}
|
|
99
120
|
/**
|
|
100
121
|
* A chunk of streaming output from an execution.
|
|
@@ -107,6 +128,45 @@ export interface StreamEvent {
|
|
|
107
128
|
/** Text content for stdout/stderr, exit code string for exit, error message for error. */
|
|
108
129
|
data: string;
|
|
109
130
|
}
|
|
131
|
+
/**
|
|
132
|
+
* Security events raised during execution (policy violations, alerts).
|
|
133
|
+
*/
|
|
134
|
+
export interface SecurityEvent {
|
|
135
|
+
type: string;
|
|
136
|
+
message: string;
|
|
137
|
+
details?: Record<string, unknown>;
|
|
138
|
+
timestamp: string;
|
|
139
|
+
}
|
|
140
|
+
/**
|
|
141
|
+
* Audit record for an execution. Stored in immutable append-only logs.
|
|
142
|
+
*/
|
|
143
|
+
export interface ExecutionAudit {
|
|
144
|
+
executionId: string;
|
|
145
|
+
userId: string;
|
|
146
|
+
timestamp: string;
|
|
147
|
+
runtime: Runtime;
|
|
148
|
+
codeHash: string;
|
|
149
|
+
containerId: string;
|
|
150
|
+
exitCode: number;
|
|
151
|
+
durationMs: number;
|
|
152
|
+
resourceUsage?: {
|
|
153
|
+
/** CPU usage as percentage (0-100 * num_cores) */
|
|
154
|
+
cpuPercent: number;
|
|
155
|
+
/** Current memory usage in megabytes */
|
|
156
|
+
memoryMB: number;
|
|
157
|
+
/** Peak memory usage in megabytes (if tracked) */
|
|
158
|
+
peakMemoryMB?: number;
|
|
159
|
+
/** Bytes received during execution */
|
|
160
|
+
networkBytesIn: number;
|
|
161
|
+
/** Bytes sent during execution */
|
|
162
|
+
networkBytesOut: number;
|
|
163
|
+
};
|
|
164
|
+
securityEvents?: SecurityEvent[];
|
|
165
|
+
code?: string;
|
|
166
|
+
stdout?: string;
|
|
167
|
+
stderr?: string;
|
|
168
|
+
metadata?: Record<string, string>;
|
|
169
|
+
}
|
|
110
170
|
/**
|
|
111
171
|
* Isol8 lifecycle mode.
|
|
112
172
|
*
|
|
@@ -158,6 +218,8 @@ export interface Isol8Options {
|
|
|
158
218
|
persist?: boolean;
|
|
159
219
|
/** Security settings. */
|
|
160
220
|
security?: SecurityConfig;
|
|
221
|
+
/** Audit logging configuration. */
|
|
222
|
+
audit?: AuditConfig;
|
|
161
223
|
}
|
|
162
224
|
/**
|
|
163
225
|
* The core isol8 engine abstraction. Both {@link DockerIsol8} and {@link RemoteIsol8}
|
|
@@ -261,6 +323,25 @@ export interface SecurityConfig {
|
|
|
261
323
|
/** Path to a custom seccomp profile JSON file. Required if seccomp is "custom". */
|
|
262
324
|
customProfilePath?: string;
|
|
263
325
|
}
|
|
326
|
+
/** Configuration for audit logging. */
|
|
327
|
+
export interface AuditConfig {
|
|
328
|
+
/** Enable audit logging. @default false */
|
|
329
|
+
enabled: boolean;
|
|
330
|
+
/** Destination for audit logs (filesystem, stdout) @default "filesystem" */
|
|
331
|
+
destination: "filesystem" | "stdout" | string;
|
|
332
|
+
/** Custom directory for audit log files @default undefined (uses ./.isol8_audit) */
|
|
333
|
+
logDir?: string;
|
|
334
|
+
/** Script to run after each log entry (receives file path as argument) @default undefined */
|
|
335
|
+
postLogScript?: string;
|
|
336
|
+
/** Track resource usage (CPU, memory, network) @default true */
|
|
337
|
+
trackResources: boolean;
|
|
338
|
+
/** Retention period for audit logs in days @default 90 */
|
|
339
|
+
retentionDays: number;
|
|
340
|
+
/** Whether to include the source code in audit logs @default false */
|
|
341
|
+
includeCode: boolean;
|
|
342
|
+
/** Whether to include output (stdout/stderr) in audit logs @default false */
|
|
343
|
+
includeOutput: boolean;
|
|
344
|
+
}
|
|
264
345
|
/**
|
|
265
346
|
* Top-level configuration schema for isol8.
|
|
266
347
|
*
|
|
@@ -283,6 +364,8 @@ export interface Isol8Config {
|
|
|
283
364
|
dependencies: Isol8Dependencies;
|
|
284
365
|
/** Security settings. */
|
|
285
366
|
security: SecurityConfig;
|
|
367
|
+
/** Audit logging configuration. */
|
|
368
|
+
audit: AuditConfig;
|
|
286
369
|
/** Enable debug logging. @default false */
|
|
287
370
|
debug: boolean;
|
|
288
371
|
}
|
|
@@ -307,5 +390,7 @@ export interface Isol8UserConfig {
|
|
|
307
390
|
dependencies?: Isol8Dependencies;
|
|
308
391
|
/** Security settings. */
|
|
309
392
|
security?: SecurityConfig;
|
|
393
|
+
/** Audit logging configuration. */
|
|
394
|
+
audit?: Partial<AuditConfig>;
|
|
310
395
|
}
|
|
311
396
|
//# sourceMappingURL=types.d.ts.map
|
package/dist/src/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;;;;;;;GAQG;AACH,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,sEAAsE;IACtE,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,CAAC;IAExC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;;;;;;;GAQG;AACH,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;AAEvD;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,sEAAsE;IACtE,OAAO,EAAE,OAAO,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,CAAC;IAExC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IAEvB;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAE3B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;IAEf,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IAEf,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC;IAEjB,iDAAiD;IACjD,UAAU,EAAE,MAAM,CAAC;IAEnB,0FAA0F;IAC1F,SAAS,EAAE,OAAO,CAAC;IAEnB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IAEpB,uCAAuC;IACvC,OAAO,EAAE,OAAO,CAAC;IAEjB,oDAAoD;IACpD,SAAS,EAAE,MAAM,CAAC;IAElB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE/B;;;OAGG;IACH,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;CACH;AAED;;;;GAIG;AACH,MAAM,WAAW,WAAW;IAC1B,wDAAwD;IACxD,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,OAAO,CAAC;IAC7C,0FAA0F;IAC1F,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE;QACd,kDAAkD;QAClD,UAAU,EAAE,MAAM,CAAC;QACnB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,CAAC;QACjB,kDAAkD;QAClD,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,sCAAsC;QACtC,cAAc,EAAE,MAAM,CAAC;QACvB,kCAAkC;QAClC,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;IAEjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAID;;;;;;GAMG;AACH,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,YAAY,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,2CAA2C;IAC3C,IAAI,CAAC,EAAE,SAAS,CAAC;IAEjB,2CAA2C;IAC3C,OAAO,CAAC,EAAE,WAAW,CAAC;IAEtB,yFAAyF;IACzF,aAAa,CAAC,EAAE,mBAAmB,CAAC;IAEpC,mFAAmF;IACnF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,mEAAmE;IACnE,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,4EAA4E;IAC5E,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,4DAA4D;IAC5D,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,6EAA6E;IAC7E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEjC,gEAAgE;IAChE,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,iEAAiE;IACjE,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,wIAAwI;IACxI,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,+EAA+E;IAC/E,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB;;;;OAIG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,WAAW,CAAC;CACrB;AAED;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,gEAAgE;IAChE,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEvB,kEAAkE;IAClE,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAEtB,0CAA0C;IAC1C,OAAO,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;IAEzD;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/D;;;;;;OAMG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAEvC;;;;;OAKG;IACH,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;CAClE;AAID;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB;IAClC,2FAA2F;IAC3F,SAAS,EAAE,MAAM,EAAE,CAAC;IAEpB,mGAAmG;IACnG,SAAS,EAAE,MAAM,EAAE,CAAC;CACrB;AAID,oDAAoD;AACpD,MAAM,WAAW,aAAa;IAC5B,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,4DAA4D;IAC5D,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,OAAO,EAAE,WAAW,CAAC;IACrB,kEAAkE;IAClE,WAAW,EAAE,MAAM,CAAC;IACpB,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,yDAAyD;AACzD,MAAM,WAAW,YAAY;IAC3B,oEAAoE;IACpE,SAAS,EAAE,OAAO,CAAC;IACnB,kFAAkF;IAClF,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,oDAAoD;IACpD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,wCAAwC;IACxC,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,qCAAqC;IACrC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,iDAAiD;IACjD,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;;;;OAKG;IACH,OAAO,CAAC,EAAE,QAAQ,GAAG,YAAY,GAAG,QAAQ,CAAC;IAC7C,mFAAmF;IACnF,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,uCAAuC;AACvC,MAAM,WAAW,WAAW;IAC1B,2CAA2C;IAC3C,OAAO,EAAE,OAAO,CAAC;IACjB,4EAA4E;IAC5E,WAAW,EAAE,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;IAC9C,oFAAoF;IACpF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,6FAA6F;IAC7F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gEAAgE;IAChE,cAAc,EAAE,OAAO,CAAC;IACxB,0DAA0D;IAC1D,aAAa,EAAE,MAAM,CAAC;IACtB,sEAAsE;IACtE,WAAW,EAAE,OAAO,CAAC;IACrB,6EAA6E;IAC7E,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,0EAA0E;IAC1E,aAAa,EAAE,MAAM,CAAC;IAEtB,sDAAsD;IACtD,QAAQ,EAAE,aAAa,CAAC;IAExB,4DAA4D;IAC5D,OAAO,EAAE,mBAAmB,CAAC;IAE7B,gDAAgD;IAChD,OAAO,EAAE,YAAY,CAAC;IAEtB,mEAAmE;IACnE,YAAY,EAAE,iBAAiB,CAAC;IAEhC,yBAAyB;IACzB,QAAQ,EAAE,cAAc,CAAC;IAEzB,mCAAmC;IACnC,KAAK,EAAE,WAAW,CAAC;IAEnB,2CAA2C;IAC3C,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,wDAAwD;IACxD,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,0EAA0E;IAC1E,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,kFAAkF;IAClF,QAAQ,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAElC,4DAA4D;IAC5D,OAAO,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAEvC,4EAA4E;IAC5E,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAEhC,mEAAmE;IACnE,YAAY,CAAC,EAAE,iBAAiB,CAAC;IAEjC,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;IAE1B,mCAAmC;IACnC,KAAK,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;CAC9B"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "isol8",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.9.0-alpha.0",
|
|
4
4
|
"description": "Secure code execution engine for AI agents",
|
|
5
5
|
"author": "Illusion47586",
|
|
6
6
|
"license": "MIT",
|
|
@@ -41,6 +41,7 @@
|
|
|
41
41
|
"build:server": "bun run scripts/build-server.ts",
|
|
42
42
|
"build:server:all": "bun run scripts/build-server.ts --all",
|
|
43
43
|
"test": "bun test",
|
|
44
|
+
"test:prod": "bun test tests/production/",
|
|
44
45
|
"lint:check": "ultracite check",
|
|
45
46
|
"lint:fix": "ultracite fix",
|
|
46
47
|
"bench": "bunx tsx benchmarks/spawn.ts",
|
|
@@ -52,6 +52,53 @@
|
|
|
52
52
|
"description": "JSON Schema URI for editor validation/completion.",
|
|
53
53
|
"type": "string"
|
|
54
54
|
},
|
|
55
|
+
"audit": {
|
|
56
|
+
"additionalProperties": false,
|
|
57
|
+
"description": "Audit logging configuration.",
|
|
58
|
+
"properties": {
|
|
59
|
+
"destination": {
|
|
60
|
+
"default": "filesystem",
|
|
61
|
+
"description": "Destination for audit logs (filesystem, stdout)",
|
|
62
|
+
"type": "string"
|
|
63
|
+
},
|
|
64
|
+
"enabled": {
|
|
65
|
+
"default": false,
|
|
66
|
+
"description": "Enable audit logging.",
|
|
67
|
+
"type": "boolean"
|
|
68
|
+
},
|
|
69
|
+
"includeCode": {
|
|
70
|
+
"default": false,
|
|
71
|
+
"description": "Whether to include the source code in audit logs",
|
|
72
|
+
"type": "boolean"
|
|
73
|
+
},
|
|
74
|
+
"includeOutput": {
|
|
75
|
+
"default": false,
|
|
76
|
+
"description": "Whether to include output (stdout/stderr) in audit logs",
|
|
77
|
+
"type": "boolean"
|
|
78
|
+
},
|
|
79
|
+
"logDir": {
|
|
80
|
+
"default": "undefined (uses ./.isol8_audit)",
|
|
81
|
+
"description": "Custom directory for audit log files",
|
|
82
|
+
"type": "string"
|
|
83
|
+
},
|
|
84
|
+
"postLogScript": {
|
|
85
|
+
"default": "undefined",
|
|
86
|
+
"description": "Script to run after each log entry (receives file path as argument)",
|
|
87
|
+
"type": "string"
|
|
88
|
+
},
|
|
89
|
+
"retentionDays": {
|
|
90
|
+
"default": 90,
|
|
91
|
+
"description": "Retention period for audit logs in days",
|
|
92
|
+
"type": "number"
|
|
93
|
+
},
|
|
94
|
+
"trackResources": {
|
|
95
|
+
"default": true,
|
|
96
|
+
"description": "Track resource usage (CPU, memory, network)",
|
|
97
|
+
"type": "boolean"
|
|
98
|
+
}
|
|
99
|
+
},
|
|
100
|
+
"type": "object"
|
|
101
|
+
},
|
|
55
102
|
"cleanup": {
|
|
56
103
|
"additionalProperties": false,
|
|
57
104
|
"description": "Container cleanup and lifecycle settings. (Partial override allowed).",
|