opencode-landstrip 0.16.19 → 0.16.21

package/README.md

@@ -54,6 +54,10 @@ The plugin can be later on disabled as follows:
 }
 ```
 
+The `/sandbox` command shows the current configuration and toggles the sandbox
+on or off. The toggle persists `enabled` to the project config when it already
+sets it, otherwise to the global config.
+
 ## Behavior
 
 When OpenCode asks for a sandboxed permission, the plugin emits a host

package/index.ts

@@ -18,7 +18,6 @@ import {
   formatLandstripTraps,
   getConfigPaths,
   isRecord,
-  isSandboxDisabled,
   landstripBinaryPath,
   loadConfig,
   normalizeOptions,
@@ -27,7 +26,6 @@ import {
   permissionType,
   sandboxSummary,
   sessionScopeFor,
-  setSandboxDisabled,
 } from './shared.js';
 
 interface LandstripPolicy {
@@ -840,10 +838,6 @@ const plugin: Plugin = async ({ client, directory }: PluginInput, options?: Plug
     return [...config.filesystem.allowWrite, ...sessionAllowedWritePaths];
   }
   let enabledNotified = false;
-  let sandboxDisabled = false;
-  // A previous session may have left a disable flag for this directory; start
-  // enabled so /sandbox-disable stays scoped to the current session.
-  setSandboxDisabled(directory, false);
   let configuredShell: string | undefined;
   let landstripCheck: { ok: true; version: string } | { ok: false; reason: string } | undefined;
 
@@ -897,9 +891,7 @@ const plugin: Plugin = async ({ client, directory }: PluginInput, options?: Plug
 
   function buildSandboxSummary(config: SandboxConfig): string {
     const { globalPath, projectPath } = getConfigPaths(directory);
-    const statusText =
-      sandboxDisabled || isSandboxDisabled(directory) ? 'disabled for this session' : undefined;
-    const report = sandboxSummary(config, globalPath, projectPath, statusText);
+    const report = sandboxSummary(config, globalPath, projectPath);
     return ['# Sandbox Configuration', '', report].join('\n');
   }
 
@@ -1003,10 +995,6 @@ const plugin: Plugin = async ({ client, directory }: PluginInput, options?: Plug
   }
 
   async function activeConfig(): Promise<SandboxConfig | null> {
-    // The flag file lets the TUI plugin pause the sandbox cross-process; the
-    // in-memory bool covers the server's own command path.
-    if (sandboxDisabled || isSandboxDisabled(directory)) return null;
-
     const config = loadConfig(directory, optionOverrides);
     if (!config.enabled) {
       await notifyOnce(
@@ -1392,72 +1380,6 @@ const plugin: Plugin = async ({ client, directory }: PluginInput, options?: Plug
         return;
       }
 
-      if (command === 'sandbox-disable') {
-        if (sandboxDisabled || isSandboxDisabled(directory)) {
-          pushCommandText(
-            input,
-            output,
-            'Sandbox is already disabled. Use /sandbox-enable to re-enable.',
-          );
-          return;
-        }
-        sandboxDisabled = true;
-        setSandboxDisabled(directory, true);
-        pushCommandText(
-          input,
-          output,
-          'Sandbox disabled for this session. Use /sandbox-enable to re-enable.',
-        );
-        await client.tui
-          ?.showToast?.({
-            body: {
-              title: 'Sandbox',
-              message: 'Sandbox disabled for this session. Use /sandbox-enable to re-enable.',
-              variant: 'warning',
-            },
-          })
-          ?.catch?.(() => undefined);
-        return;
-      }
-
-      if (command === 'sandbox-enable') {
-        if (!sandboxDisabled && !isSandboxDisabled(directory)) {
-          pushCommandText(
-            input,
-            output,
-            'Sandbox is already enabled. Use /sandbox-disable to pause.',
-          );
-          return;
-        }
-        sandboxDisabled = false;
-        setSandboxDisabled(directory, false);
-        const config = await activeConfig();
-        if (!config) {
-          pushCommandText(
-            input,
-            output,
-            'Sandbox re-enabled but no sandbox.json5 found — no rules active.\nCreate sandbox.json5 to enforce sandboxing.',
-          );
-          await client.tui
-            ?.showToast?.({
-              body: {
-                title: 'Sandbox',
-                message: 'Sandbox re-enabled but no sandbox.json5 found — no rules active.',
-                variant: 'warning',
-              },
-            })
-            ?.catch?.(() => undefined);
-        } else {
-          pushCommandText(input, output, 'Sandbox re-enabled.');
-          await client.tui
-            ?.showToast?.({
-              body: { title: 'Sandbox', message: 'Sandbox re-enabled.', variant: 'success' },
-            })
-            ?.catch?.(() => undefined);
-        }
-        return;
-      }
-
       // Check domain and filesystem in user shell commands (commands starting with !)
       if (input.command.startsWith('!')) {
         const shellCommand = input.command.slice(1).trim();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-landstrip",
-  "version": "0.16.19",
+  "version": "0.16.21",
   "description": "Landlock-based sandboxing for opencode with landstrip",
   "keywords": [
     "landlock",
@@ -49,7 +49,7 @@
     "ci:test": "npm test"
   },
   "dependencies": {
-    "@landstrip/landstrip": "^0.16.14"
+    "@landstrip/landstrip": "^0.16.15"
   },
   "devDependencies": {
     "@opencode-ai/plugin": "^1.17.7",

package/shared.ts

@@ -542,24 +542,19 @@ export function discoveryFilePath(baseDirectory: string): string {
   return join(discoveryDir(), `port-${directoryHash(baseDirectory)}.json`);
 }
 
-// /sandbox-disable pauses the sandbox per-directory. The flag lives beside the
-// discovery file so the TUI plugin (which runs the command) and the server
-// plugin (which gates wrapping) agree even though they are separate processes.
-export function disableFlagPath(baseDirectory: string): string {
-  return join(discoveryDir(), `disabled-${directoryHash(baseDirectory)}`);
-}
-
-export function setSandboxDisabled(baseDirectory: string, disabled: boolean): void {
-  if (disabled) {
-    mkdirSync(discoveryDir(), { recursive: true, mode: 0o700 });
-    writeFileSync(disableFlagPath(baseDirectory), `${process.pid}\n`);
-  } else {
-    rmSync(disableFlagPath(baseDirectory), { force: true });
-  }
-}
-
-export function isSandboxDisabled(baseDirectory: string): boolean {
-  return existsSync(disableFlagPath(baseDirectory));
+// /sandbox toggles the persisted `enabled` flag. Write it where the setting
+// already lives — the project config if it sets `enabled`, otherwise the global
+// config — and return the scope written so the UI can report it.
+export function setSandboxConfigEnabled(
+  baseDirectory: string,
+  enabled: boolean,
+): 'project' | 'global' {
+  const { globalPath, projectPath } = getConfigPaths(baseDirectory);
+  const projectConfig = readConfigFile(projectPath);
+  const useProject = projectConfig !== null && projectConfig.enabled !== undefined;
+  const target = useProject ? projectPath : globalPath;
+  writeConfigFile(target, { enabled });
+  return useProject ? 'project' : 'global';
 }
 
 export function writeDiscoveryPort(baseDirectory: string, port: number): void {

package/tui.ts

@@ -15,7 +15,7 @@ import {
   sessionAllows,
   sandboxSummary,
   sessionScopeFor,
-  setSandboxDisabled,
+  setSandboxConfigEnabled,
   updateForPermission,
   writeConfigFile,
   writeDiscoveryPort,
@@ -447,74 +447,49 @@ const tui: TuiPlugin = async (api, options, meta) => {
     });
   }
 
+  // /sandbox shows the config and toggles the persisted `enabled` flag. The
+  // server reads sandbox.json on every tool call, so the toggle takes effect on
+  // the next command without any cross-process signalling.
   const showSandbox = () => {
     const directory = api.state.path.directory || process.cwd();
     const config = loadConfig(directory, optionOverrides);
     const { globalPath, projectPath } = getConfigPaths(directory);
+    const next = !config.enabled;
     const message =
-      sandboxSummary(config, globalPath, projectPath) + '\n\nPress esc or enter to close';
+      sandboxSummary(config, globalPath, projectPath) +
+      `\n\n${next ? 'Enable' : 'Disable'} the sandbox?  (enter = ${next ? 'enable' : 'disable'}, esc = close)`;
 
-    // No `onConfirm`/`onClose` that call `clear()`: the host already pops the
-    // dialog on enter/esc/click, and its `clear()` re-invokes every entry's
-    // `onClose`, so a `clear()` in there recurses forever and freezes the TUI.
+    // No `clear()` in onConfirm: the host pops the dialog itself, and its
+    // `clear()` re-invokes onClose, which would recurse and freeze the TUI.
     api.ui.dialog.replace(() =>
-      api.ui.DialogAlert({
-        title: 'Sandbox Configuration',
+      api.ui.DialogConfirm({
+        title: 'Sandbox',
         message,
+        onConfirm: () => {
+          const scope = setSandboxConfigEnabled(directory, next);
+          api.ui.toast({
+            title: 'Sandbox',
+            message: `Sandbox ${next ? 'enabled' : 'disabled'} (${scope} config)`,
+            variant: next ? 'success' : 'warning',
+          });
+        },
       }),
     );
   };
 
-  // Toggle the per-directory disable flag directly. The server plugin gates
-  // wrapping on this flag, so disabling works without depending on a command
-  // round-trip reaching the server's command hook.
-  const setSandbox = (disabled: boolean): boolean => {
-    setSandboxDisabled(api.state.path.directory || process.cwd(), disabled);
-    api.ui.toast({
-      title: 'Sandbox',
-      message: disabled
-        ? 'Sandbox disabled for this session. Use /sandbox-enable to re-enable.'
-        : 'Sandbox re-enabled.',
-      variant: disabled ? 'warning' : 'success',
-    });
-    return true;
-  };
-
   api.keymap.registerLayer({
     commands: [
       {
         namespace: 'palette',
         name: 'sandbox',
         title: 'Sandbox',
-        desc: 'Show sandbox configuration',
+        desc: 'Show config and toggle the sandbox',
         category: 'Sandbox',
         suggested: true,
         slash: { name: 'sandbox' },
         slashName: 'sandbox',
         run: showSandbox,
       },
-      {
-        namespace: 'palette',
-        name: 'sandbox-disable',
-        title: 'Disable sandbox',
-        desc: 'Disable sandbox for this session',
-        category: 'Sandbox',
-        suggested: true,
-        slash: { name: 'sandbox-disable' },
-        slashName: 'sandbox-disable',
-        run: () => setSandbox(true),
-      },
-      {
-        namespace: 'palette',
-        name: 'sandbox-enable',
-        title: 'Enable sandbox',
-        desc: 'Re-enable sandbox for this session',
-        category: 'Sandbox',
-        suggested: true,
-        slash: { name: 'sandbox-enable' },
-        slashName: 'sandbox-enable',
-        run: () => setSandbox(false),
-      },
     ],
   });
 
@@ -522,30 +497,12 @@ const tui: TuiPlugin = async (api, options, meta) => {
     {
       title: 'Sandbox',
       value: 'sandbox',
-      description: 'Show sandbox configuration',
+      description: 'Show config and toggle the sandbox',
       category: 'Sandbox',
       suggested: true,
       slash: { name: 'sandbox' },
       onSelect: showSandbox,
     },
-    {
-      title: 'Disable sandbox',
-      value: 'sandbox-disable',
-      description: 'Disable sandbox for this session',
-      category: 'Sandbox',
-      suggested: true,
-      slash: { name: 'sandbox-disable' },
-      onSelect: () => setSandbox(true),
-    },
-    {
-      title: 'Enable sandbox',
-      value: 'sandbox-enable',
-      description: 'Re-enable sandbox for this session',
-      category: 'Sandbox',
-      suggested: true,
-      slash: { name: 'sandbox-enable' },
-      onSelect: () => setSandbox(false),
-    },
   ]);
 
   // Persistent status badge in the prompt area. It needs the host's Solid