noumen 0.3.0 → 0.5.0

package/dist/{chunk-5JN4SPI7.js → chunk-WTLK2ZAR.js}

@@ -91,4 +91,4 @@ export {
   resolveProvider,
   detectProvider
 };
-//# sourceMappingURL=chunk-5JN4SPI7.js.map
+//# sourceMappingURL=chunk-WTLK2ZAR.js.map

package/dist/{chunk-HL6JCRZJ.js → chunk-XZN4QZLK.js}

@@ -1,12 +1,12 @@
-import {
-  formatZodValidationError
-} from "./chunk-3SK5GCI6.js";
 import {
   IMAGE_EXTENSIONS,
   compressImageBufferWithTokenLimit,
   createImageMetadataText,
   maybeResizeAndDownsampleImageBuffer
 } from "./chunk-5GEX6ZSB.js";
+import {
+  formatZodValidationError
+} from "./chunk-3SK5GCI6.js";
 import {
   contentToString
 } from "./chunk-JACGEMTF.js";
@@ -3109,4 +3109,4 @@ export {
   resolveToolFlag,
   ToolRegistry
 };
-//# sourceMappingURL=chunk-HL6JCRZJ.js.map
+//# sourceMappingURL=chunk-XZN4QZLK.js.map

package/dist/cli/index.js

@@ -16,21 +16,21 @@ import {
   Agent,
   LocalSandbox,
   UnsandboxedLocal
-} from "../chunk-4HW6LN6D.js";
-import "../chunk-42PHHZUA.js";
+} from "../chunk-WPCYGZOE.js";
 import {
   DEFAULT_MODELS,
   SUPPORTED_PROVIDERS,
   detectProvider,
   resolveProvider
-} from "../chunk-5JN4SPI7.js";
+} from "../chunk-WTLK2ZAR.js";
+import "../chunk-42PHHZUA.js";
+import "../chunk-XZN4QZLK.js";
+import "../chunk-5GEX6ZSB.js";
+import "../chunk-4SQA2UCV.js";
+import "../chunk-3SK5GCI6.js";
 import "../chunk-HEQQQGK5.js";
 import "../chunk-L3L3FG5T.js";
 import "../chunk-3HEYCV26.js";
-import "../chunk-HL6JCRZJ.js";
-import "../chunk-3SK5GCI6.js";
-import "../chunk-5GEX6ZSB.js";
-import "../chunk-4SQA2UCV.js";
 import "../chunk-JACGEMTF.js";
 import "../chunk-DGUM43GV.js";
 
@@ -532,7 +532,7 @@ async function runAgent(config) {
     const { createInterface: createInterface3 } = await import("readline/promises");
     const rl = createInterface3({ input: process.stdin, output: process.stderr, terminal: true });
     try {
-      const { SUPPORTED_PROVIDERS: SUPPORTED_PROVIDERS2, isOllamaRunning: isOllamaRunning2, ollamaBaseURL: ollamaBaseURL2 } = await import("../provider-factory-KCLIF34X.js");
+      const { SUPPORTED_PROVIDERS: SUPPORTED_PROVIDERS2, isOllamaRunning: isOllamaRunning2, ollamaBaseURL: ollamaBaseURL2 } = await import("../provider-factory-KI7OZUY3.js");
       const providerAnswer = await rl.question(
         `  Provider (${SUPPORTED_PROVIDERS2.join(", ")}) [${chalk3.bold("ollama")}]: `
       );
@@ -589,9 +589,9 @@ async function runAgent(config) {
     return runAgent(config);
   }
   if (!config.model) {
-    const { DEFAULT_MODELS: DEFAULT_MODELS2 } = await import("../provider-factory-KCLIF34X.js");
+    const { DEFAULT_MODELS: DEFAULT_MODELS2 } = await import("../provider-factory-KI7OZUY3.js");
     if (providerName === "ollama") {
-      const { ollamaBaseURL: ollamaBaseURL2 } = await import("../provider-factory-KCLIF34X.js");
+      const { ollamaBaseURL: ollamaBaseURL2 } = await import("../provider-factory-KI7OZUY3.js");
       const models = await listLocalOllamaModels(ollamaBaseURL2());
       const preferred = DEFAULT_MODELS2[providerName];
       config.model = models.includes(preferred) ? preferred : models[0] ?? preferred;

package/dist/computer-BPdxSo6X.d.ts

@@ -0,0 +1,88 @@
+interface FileEntry {
+    name: string;
+    path: string;
+    isDirectory: boolean;
+    isFile: boolean;
+    size?: number;
+}
+interface FileStat {
+    size: number;
+    isDirectory: boolean;
+    isFile: boolean;
+    createdAt?: Date;
+    modifiedAt?: Date;
+}
+interface ReadOptions {
+    encoding?: BufferEncoding;
+    /**
+     * Maximum number of bytes to read. When set, only the first `maxBytes`
+     * bytes are returned (decoded as a string). Implementations that do not
+     * support this option may ignore it and return the full content.
+     */
+    maxBytes?: number;
+}
+/**
+ * Sandboxed filesystem interface.
+ *
+ * `VirtualFs` is noumen's primary isolation boundary for file I/O. Every
+ * built-in tool that touches the filesystem (ReadFile, WriteFile, EditFile)
+ * delegates to this interface — the agent never accesses `node:fs` directly.
+ *
+ * Swap implementations to control where files live and what the agent can reach:
+ * - `LocalFs`   — reads/writes on the host filesystem (no isolation, for local dev)
+ * - `SpritesFs` — reads/writes inside a remote sprites.dev container (full sandbox)
+ * - Custom      — implement this interface for Docker volumes, E2B, S3, in-memory, etc.
+ */
+interface VirtualFs {
+    readFile(path: string, opts?: ReadOptions): Promise<string>;
+    /**
+     * Read raw bytes from a file. Used for binary content (images, PDFs).
+     * Implementations SHOULD cap the read at `maxBytes` to prevent OOM on
+     * very large files. When `maxBytes` is omitted, the entire file is read.
+     *
+     * Returns a Buffer (Node.js) or Uint8Array.
+     */
+    readFileBytes?(path: string, maxBytes?: number): Promise<Buffer>;
+    writeFile(path: string, content: string): Promise<void>;
+    appendFile(path: string, content: string): Promise<void>;
+    deleteFile(path: string, opts?: {
+        recursive?: boolean;
+    }): Promise<void>;
+    mkdir(path: string, opts?: {
+        recursive?: boolean;
+    }): Promise<void>;
+    readdir(path: string, opts?: {
+        recursive?: boolean;
+    }): Promise<FileEntry[]>;
+    exists(path: string): Promise<boolean>;
+    stat(path: string): Promise<FileStat>;
+}
+
+interface ExecOptions {
+    timeout?: number;
+    cwd?: string;
+    env?: Record<string, string>;
+    signal?: AbortSignal;
+}
+interface CommandResult {
+    exitCode: number;
+    stdout: string;
+    stderr: string;
+}
+/**
+ * Sandboxed shell execution interface.
+ *
+ * `VirtualComputer` is noumen's primary isolation boundary for command
+ * execution. Every built-in tool that runs shell commands (Bash, Glob, Grep)
+ * delegates to this interface — the agent never spawns processes directly.
+ *
+ * Swap implementations to control where and how commands run:
+ * - `LocalComputer`   — runs on the host machine (no isolation, for local dev)
+ * - `SpritesComputer`  — runs in a remote sprites.dev container (full sandbox)
+ * - Custom             — implement this interface for Docker, E2B, Daytona, etc.
+ */
+interface VirtualComputer {
+    executeCommand(command: string, opts?: ExecOptions): Promise<CommandResult>;
+}
+
+export type { CommandResult as C, ExecOptions as E, FileEntry as F, ReadOptions as R, VirtualComputer as V, VirtualFs as a, FileStat as b };

package/dist/docker.d.ts

@@ -0,0 +1,129 @@
+import { S as Sandbox } from './sandbox-9qeMTNrD.js';
+import { V as VirtualComputer, E as ExecOptions, C as CommandResult, a as VirtualFs, R as ReadOptions, F as FileEntry, b as FileStat } from './computer-BPdxSo6X.js';
+
+/**
+ * Minimal subset of the dockerode Container interface used by DockerComputer.
+ * Avoids a hard import of dockerode at the module level.
+ */
+interface DockerContainer {
+    exec(options: Record<string, unknown>): Promise<{
+        start(opts?: Record<string, unknown>): Promise<NodeJS.ReadableStream>;
+        inspect(): Promise<{
+            ExitCode: number;
+        }>;
+    }>;
+}
+interface DockerComputerOptions {
+    /** A dockerode Container instance for the target container. */
+    container: DockerContainer;
+    /** Default working directory for commands (default: /). */
+    defaultCwd?: string;
+    /** Default timeout in ms for commands (default: 30000). */
+    defaultTimeout?: number;
+}
+/**
+ * VirtualComputer backed by command execution inside a Docker container.
+ *
+ * Requires `dockerode` as an optional peer dependency.
+ * The user is responsible for container lifecycle (create, start, stop).
+ */
+declare class DockerComputer implements VirtualComputer {
+    private container;
+    private defaultCwd;
+    private defaultTimeout;
+    constructor(opts: DockerComputerOptions);
+    executeCommand(command: string, opts?: ExecOptions): Promise<CommandResult>;
+}
+
+interface DockerSandboxOptions {
+    /**
+     * A pre-existing dockerode Container instance. When provided the sandbox
+     * attaches to this container directly — no auto-creation occurs and
+     * `dispose()` will **not** stop or remove it.
+     *
+     * When omitted, a new container is created from `image` on the first
+     * `init()` call via a dynamic import of `dockerode`. The auto-created
+     * container is stopped and removed when `dispose()` is called.
+     */
+    container?: DockerContainer;
+    /**
+     * Docker image to use for auto-creation (e.g. `"ubuntu:22.04"`).
+     * Required when `container` is omitted; ignored when `container` is provided.
+     */
+    image?: string;
+    /** Command to run in the auto-created container (default: `["sleep", "infinity"]`). */
+    cmd?: string[];
+    /** Environment variables for the auto-created container. */
+    env?: string[];
+    /** Extra options passed to dockerode `createContainer`. */
+    dockerOptions?: Record<string, unknown>;
+    /** Working directory inside the container. */
+    cwd?: string;
+    /** Default timeout (ms) for shell commands. */
+    defaultTimeout?: number;
+}
+/**
+ * Create a `Sandbox` backed by a Docker container.
+ * Requires `dockerode` as an optional peer dependency.
+ *
+ * **Auto-creation:** When `container` is omitted and `image` is provided,
+ * the container is created and started lazily on the first `init()` call.
+ * The container ID is available through `sandboxId()` for session
+ * persistence. Pass the stored ID back through `init(storedId)` to
+ * reattach to an existing container on resume.
+ *
+ * **Explicit container:** When `container` is provided, `init()` binds
+ * it immediately. `dispose()` is a no-op — the caller owns the
+ * container's lifecycle.
+ *
+ * @example
+ * ```ts
+ * // Auto-create from image
+ * const sandbox = DockerSandbox({ image: "ubuntu:22.04", cwd: "/workspace" });
+ *
+ * // Explicit container (lifecycle managed externally)
+ * const sandbox = DockerSandbox({ container: myDockerodeContainer });
+ * ```
+ */
+declare function DockerSandbox(opts: DockerSandboxOptions): Sandbox;
+
+interface DockerFsOptions {
+    /** A dockerode Container instance for the target container. */
+    container: DockerContainer;
+    /** Working directory for relative path resolution (default: /). */
+    workingDir?: string;
+}
+/**
+ * VirtualFs backed by file operations inside a Docker container.
+ *
+ * Uses `container.exec()` to run filesystem commands (cat, tee, rm, mkdir,
+ * stat, etc.) inside the container. File writes use exec + tee to avoid
+ * tar archive overhead for text content.
+ *
+ * Requires `dockerode` as an optional peer dependency.
+ * The user is responsible for container lifecycle.
+ */
+declare class DockerFs implements VirtualFs {
+    private container;
+    private workingDir;
+    constructor(opts: DockerFsOptions);
+    private resolvePath;
+    private exec;
+    readFile(path: string, _opts?: ReadOptions): Promise<string>;
+    readFileBytes(path: string, maxBytes?: number): Promise<Buffer>;
+    writeFile(path: string, content: string): Promise<void>;
+    appendFile(path: string, content: string): Promise<void>;
+    deleteFile(path: string, opts?: {
+        recursive?: boolean;
+    }): Promise<void>;
+    mkdir(path: string, opts?: {
+        recursive?: boolean;
+    }): Promise<void>;
+    readdir(path: string, _opts?: {
+        recursive?: boolean;
+    }): Promise<FileEntry[]>;
+    exists(path: string): Promise<boolean>;
+    stat(path: string): Promise<FileStat>;
+}
+
+export { DockerComputer, type DockerComputerOptions, type DockerContainer, DockerFs, type DockerFsOptions, DockerSandbox, type DockerSandboxOptions };

package/dist/docker.js

@@ -0,0 +1,401 @@
+import {
+  createComputerProxy,
+  createFsProxy
+} from "./chunk-I5SBSOS6.js";
+import "./chunk-DGUM43GV.js";
+
+// src/virtual/docker-fs.ts
+import * as path from "path";
+var DockerFs = class {
+  container;
+  workingDir;
+  constructor(opts) {
+    this.container = opts.container;
+    this.workingDir = opts.workingDir ?? "/";
+  }
+  resolvePath(p) {
+    if (p.includes("\0")) {
+      throw new Error("Path contains null bytes");
+    }
+    const normalizedBase = this.workingDir.endsWith("/") ? this.workingDir : this.workingDir + "/";
+    if (p.startsWith("/")) {
+      const normalized = path.normalize(p);
+      if (normalized !== this.workingDir && !normalized.startsWith(normalizedBase)) {
+        throw new Error(`Absolute path "${p}" is outside working directory "${this.workingDir}"`);
+      }
+      return normalized;
+    }
+    const resolved = path.resolve(this.workingDir, p);
+    if (resolved !== this.workingDir && !resolved.startsWith(normalizedBase)) {
+      throw new Error(`Path "${p}" escapes working directory "${this.workingDir}"`);
+    }
+    return resolved;
+  }
+  async exec(cmd) {
+    const execInstance = await this.container.exec({
+      Cmd: cmd,
+      AttachStdout: true,
+      AttachStderr: true,
+      Tty: false
+    });
+    const stream = await execInstance.start({ hijack: true, stdin: false });
+    const result = await collectExecStream(stream);
+    const inspection = await execInstance.inspect();
+    return { exitCode: inspection.ExitCode, ...result };
+  }
+  async readFile(path2, _opts) {
+    const resolved = this.resolvePath(path2);
+    const { exitCode, stdout, stderr } = await this.exec([
+      "cat",
+      resolved
+    ]);
+    if (exitCode !== 0) {
+      throw new Error(`DockerFs readFile failed: ${stderr.trim() || `exit code ${exitCode}`}`);
+    }
+    return stdout;
+  }
+  async readFileBytes(path2, maxBytes) {
+    const resolved = this.resolvePath(path2);
+    const cmd = maxBytes !== void 0 ? ["head", "-c", String(maxBytes), resolved] : ["cat", resolved];
+    const { exitCode, stdout, stderr } = await this.exec([
+      "bash",
+      "-c",
+      `${cmd.map(shellEscape).join(" ")} | base64`
+    ]);
+    if (exitCode !== 0) {
+      throw new Error(`DockerFs readFileBytes failed: ${stderr.trim() || `exit code ${exitCode}`}`);
+    }
+    return Buffer.from(stdout.trim(), "base64");
+  }
+  async writeFile(path2, content) {
+    const resolved = this.resolvePath(path2);
+    const dir = resolved.substring(0, resolved.lastIndexOf("/"));
+    if (dir) {
+      await this.exec(["mkdir", "-p", dir]);
+    }
+    const encoded = Buffer.from(content, "utf-8").toString("base64");
+    const MAX_INLINE_LEN = 1e5;
+    if (encoded.length <= MAX_INLINE_LEN) {
+      const { exitCode, stderr } = await this.exec([
+        "bash",
+        "-c",
+        `echo ${shellEscape(encoded)} | base64 -d > ${shellEscape(resolved)}`
+      ]);
+      if (exitCode !== 0) {
+        throw new Error(`DockerFs writeFile failed: ${stderr.trim()}`);
+      }
+    } else {
+      const execInstance = await this.container.exec({
+        Cmd: ["bash", "-c", `base64 -d > ${shellEscape(resolved)}`],
+        AttachStdout: true,
+        AttachStderr: true,
+        AttachStdin: true,
+        Tty: false
+      });
+      const stream = await execInstance.start({ hijack: true, stdin: true });
+      const writable = stream;
+      writable.write(encoded);
+      writable.end();
+      const result = await collectExecStream(stream);
+      const inspection = await execInstance.inspect();
+      if (inspection.ExitCode !== 0) {
+        throw new Error(`DockerFs writeFile failed: ${result.stderr.trim()}`);
+      }
+    }
+  }
+  async appendFile(path2, content) {
+    const resolved = this.resolvePath(path2);
+    const dir = resolved.substring(0, resolved.lastIndexOf("/"));
+    if (dir) {
+      await this.exec(["mkdir", "-p", dir]);
+    }
+    const encoded = Buffer.from(content, "utf-8").toString("base64");
+    const { exitCode, stderr } = await this.exec([
+      "bash",
+      "-c",
+      `echo ${shellEscape(encoded)} | base64 -d >> ${shellEscape(resolved)}`
+    ]);
+    if (exitCode !== 0) {
+      throw new Error(`DockerFs appendFile failed: ${stderr.trim()}`);
+    }
+  }
+  async deleteFile(path2, opts) {
+    const resolved = this.resolvePath(path2);
+    const args = opts?.recursive ? ["rm", "-rf", resolved] : ["rm", "-f", resolved];
+    await this.exec(args);
+  }
+  async mkdir(path2, opts) {
+    const resolved = this.resolvePath(path2);
+    const args = opts?.recursive ? ["mkdir", "-p", resolved] : ["mkdir", resolved];
+    await this.exec(args);
+  }
+  async readdir(path2, _opts) {
+    const resolved = this.resolvePath(path2);
+    const { exitCode, stdout, stderr } = await this.exec([
+      "bash",
+      "-c",
+      `find ${shellEscape(resolved)} -maxdepth 1 -mindepth 1 -printf '%y %p\\n' 2>/dev/null`
+    ]);
+    if (exitCode !== 0 && stderr.trim()) {
+      throw new Error(`DockerFs readdir failed: ${stderr.trim()}`);
+    }
+    const entries = [];
+    for (const line of stdout.trim().split("\n")) {
+      if (!line) continue;
+      const spaceIdx = line.indexOf(" ");
+      const type = line.substring(0, spaceIdx);
+      const fullPath = line.substring(spaceIdx + 1);
+      const name = fullPath.substring(fullPath.lastIndexOf("/") + 1);
+      entries.push({
+        name,
+        path: fullPath,
+        isDirectory: type === "d",
+        isFile: type === "f"
+      });
+    }
+    return entries;
+  }
+  async exists(path2) {
+    const resolved = this.resolvePath(path2);
+    const { exitCode } = await this.exec(["test", "-e", resolved]);
+    return exitCode === 0;
+  }
+  async stat(path2) {
+    const resolved = this.resolvePath(path2);
+    const { exitCode, stdout, stderr } = await this.exec([
+      "stat",
+      "-c",
+      "%s	%F	%W	%Y",
+      resolved
+    ]);
+    if (exitCode !== 0) {
+      throw new Error(`DockerFs stat failed: ${stderr.trim() || `exit code ${exitCode}`}`);
+    }
+    const parts = stdout.trim().split("	");
+    const size = parseInt(parts[0], 10);
+    const fileType = parts[1];
+    const createdEpoch = parseInt(parts[2], 10);
+    const modifiedEpoch = parseInt(parts[3], 10);
+    return {
+      size,
+      isDirectory: fileType === "directory",
+      isFile: fileType.startsWith("regular"),
+      createdAt: createdEpoch > 0 ? new Date(createdEpoch * 1e3) : void 0,
+      modifiedAt: modifiedEpoch > 0 ? new Date(modifiedEpoch * 1e3) : void 0
+    };
+  }
+};
+function shellEscape(s) {
+  return `'${s.replace(/'/g, "'\\''")}'`;
+}
+function collectExecStream(stream) {
+  return new Promise((resolve2, reject) => {
+    const stdoutBufs = [];
+    const stderrBufs = [];
+    let pending = Buffer.alloc(0);
+    stream.on("data", (chunk) => {
+      let buf = pending.length > 0 ? Buffer.concat([pending, chunk]) : chunk;
+      let offset = 0;
+      while (offset + 8 <= buf.length) {
+        const payloadLen = buf.readUInt32BE(offset + 4);
+        if (offset + 8 + payloadLen > buf.length) break;
+        const streamType = buf[offset];
+        const payload = buf.subarray(offset + 8, offset + 8 + payloadLen);
+        if (streamType === 2) {
+          stderrBufs.push(payload);
+        } else {
+          stdoutBufs.push(payload);
+        }
+        offset += 8 + payloadLen;
+      }
+      pending = offset < buf.length ? buf.subarray(offset) : Buffer.alloc(0);
+    });
+    stream.on("end", () => {
+      resolve2({
+        stdout: Buffer.concat(stdoutBufs).toString("utf-8"),
+        stderr: Buffer.concat(stderrBufs).toString("utf-8")
+      });
+    });
+    stream.on("error", (err) => reject(err));
+  });
+}
+
+// src/virtual/docker-computer.ts
+var DockerComputer = class {
+  container;
+  defaultCwd;
+  defaultTimeout;
+  constructor(opts) {
+    this.container = opts.container;
+    this.defaultCwd = opts.defaultCwd ?? "/";
+    this.defaultTimeout = opts.defaultTimeout ?? 3e4;
+  }
+  async executeCommand(command, opts) {
+    const cwd = opts?.cwd ?? this.defaultCwd;
+    const timeout = opts?.timeout ?? this.defaultTimeout;
+    const execOpts = {
+      Cmd: ["bash", "-c", `cd ${shellEscape2(cwd)} && ${command}`],
+      AttachStdout: true,
+      AttachStderr: true,
+      Tty: false
+    };
+    if (opts?.env) {
+      execOpts.Env = Object.entries(opts.env).map(
+        ([k, v]) => `${k}=${v}`
+      );
+    }
+    const exec = await this.container.exec(execOpts);
+    const stream = await exec.start({ hijack: true, stdin: false });
+    const { stdout, stderr } = await collectStream(stream, timeout);
+    const inspection = await exec.inspect();
+    return {
+      exitCode: inspection.ExitCode,
+      stdout,
+      stderr
+    };
+  }
+};
+function shellEscape2(s) {
+  return `'${s.replace(/'/g, "'\\''")}'`;
+}
+function collectStream(stream, timeout) {
+  return new Promise((resolve2, reject) => {
+    const stdoutBufs = [];
+    const stderrBufs = [];
+    let pending = Buffer.alloc(0);
+    const timer = setTimeout(() => {
+      stream.destroy?.();
+      resolve2({
+        stdout: Buffer.concat(stdoutBufs).toString("utf-8"),
+        stderr: Buffer.concat(stderrBufs).toString("utf-8") + "\n[timeout after " + timeout + "ms]"
+      });
+    }, timeout);
+    stream.on("data", (chunk) => {
+      let buf = pending.length > 0 ? Buffer.concat([pending, chunk]) : chunk;
+      let offset = 0;
+      while (offset + 8 <= buf.length) {
+        const payloadLen = buf.readUInt32BE(offset + 4);
+        if (offset + 8 + payloadLen > buf.length) break;
+        const streamType = buf[offset];
+        const payload = buf.subarray(offset + 8, offset + 8 + payloadLen);
+        if (streamType === 2) {
+          stderrBufs.push(payload);
+        } else {
+          stdoutBufs.push(payload);
+        }
+        offset += 8 + payloadLen;
+      }
+      pending = offset < buf.length ? buf.subarray(offset) : Buffer.alloc(0);
+    });
+    stream.on("end", () => {
+      clearTimeout(timer);
+      resolve2({
+        stdout: Buffer.concat(stdoutBufs).toString("utf-8"),
+        stderr: Buffer.concat(stderrBufs).toString("utf-8")
+      });
+    });
+    stream.on("error", (err) => {
+      clearTimeout(timer);
+      reject(err);
+    });
+  });
+}
+
+// src/virtual/docker-sandbox.ts
+function DockerSandbox(opts) {
+  if (opts.container) {
+    const c = opts.container;
+    return {
+      fs: new DockerFs({ container: c, workingDir: opts.cwd }),
+      computer: new DockerComputer({
+        container: c,
+        defaultCwd: opts.cwd,
+        defaultTimeout: opts.defaultTimeout
+      }),
+      sandboxId: () => c.id
+    };
+  }
+  if (!opts.image) {
+    throw new Error("DockerSandbox requires either `container` or `image`");
+  }
+  const fsProxy = createFsProxy();
+  const computerProxy = createComputerProxy();
+  let containerId;
+  let containerRef;
+  let autoCreated = false;
+  let initPromise = null;
+  async function doInit(reconnectId) {
+    const Docker = (await import("dockerode")).default;
+    const docker = new Docker();
+    let container;
+    if (reconnectId) {
+      container = docker.getContainer(reconnectId);
+      try {
+        await container.inspect();
+      } catch {
+        container = await docker.createContainer({
+          Image: opts.image,
+          Cmd: opts.cmd ?? ["sleep", "infinity"],
+          Env: opts.env,
+          Tty: false,
+          ...opts.dockerOptions
+        });
+        await container.start();
+        autoCreated = true;
+      }
+    } else {
+      container = await docker.createContainer({
+        Image: opts.image,
+        Cmd: opts.cmd ?? ["sleep", "infinity"],
+        Env: opts.env,
+        Tty: false,
+        ...opts.dockerOptions
+      });
+      await container.start();
+      autoCreated = true;
+    }
+    containerRef = container;
+    containerId = container.id;
+    fsProxy.setTarget(new DockerFs({ container, workingDir: opts.cwd }));
+    computerProxy.setTarget(new DockerComputer({
+      container,
+      defaultCwd: opts.cwd,
+      defaultTimeout: opts.defaultTimeout
+    }));
+  }
+  return {
+    fs: fsProxy,
+    computer: computerProxy,
+    sandboxId: () => containerId,
+    init(sandboxId) {
+      if (!initPromise) {
+        initPromise = doInit(sandboxId).catch((err) => {
+          initPromise = null;
+          throw err;
+        });
+      }
+      return initPromise;
+    },
+    async dispose() {
+      if (initPromise) {
+        await initPromise.catch(() => {
+        });
+      }
+      if (!autoCreated || !containerRef) return;
+      try {
+        await containerRef.stop();
+      } catch {
+      }
+      try {
+        await containerRef.remove();
+      } catch {
+      }
+    }
+  };
+}
+export {
+  DockerComputer,
+  DockerFs,
+  DockerSandbox
+};
+//# sourceMappingURL=docker.js.map