pi-landstrip 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +1 -1
  2. package/index.ts +1 -1
  3. package/package.json +1 -1
  4. package/sandbox.json +33 -2
package/README.md CHANGED
@@ -11,7 +11,7 @@ Install `landstrip` and make sure it is on the `PATH` used to launch pi:
11
11
  cargo install landstrip
12
12
  ```
13
13
 
14
- `landstrip` currently targets Linux. On other platforms this extension loads
14
+ `landstrip` supports Linux, macOS, and Windows. On other platforms this extension loads
15
15
  but leaves sandboxing disabled.
16
16
 
17
17
  ## Install
package/index.ts CHANGED
@@ -100,7 +100,7 @@ const DEFAULT_CONFIG: SandboxConfig = {
100
100
  },
101
101
  filesystem: {
102
102
  denyRead: ['/Users', '/home'],
103
- allowRead: ['.', '~/.config', '~/.local', '~/.cargo'],
103
+ allowRead: ['.', '~/.config', '~/.gitconfig', '~/.local', '~/.cargo'],
104
104
  allowWrite: ['.', '/tmp'],
105
105
  denyWrite: ['.env', '.env.*', '*.pem', '*.key'],
106
106
  },
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pi-landstrip",
3
- "version": "0.2.0",
3
+ "version": "0.2.1",
4
4
  "description": "Landlock-based sandboxing for pi with interactive permission prompts",
5
5
  "keywords": [
6
6
  "landstrip",
package/sandbox.json CHANGED
@@ -7,9 +7,15 @@
7
7
  "allowedDomains": [
8
8
  "github.com",
9
9
  "*.github.com",
10
+ "api.github.com",
10
11
  "raw.githubusercontent.com",
12
+ "objects.githubusercontent.com",
13
+ "codeload.github.com",
11
14
  "registry.npmjs.org",
15
+ "npmjs.org",
12
16
  "*.npmjs.org",
17
+ "nodejs.org",
18
+ "*.nodejs.org",
13
19
  "crates.io",
14
20
  "*.crates.io",
15
21
  "static.crates.io"
@@ -18,8 +24,33 @@
18
24
  },
19
25
  "filesystem": {
20
26
  "denyRead": ["/home"],
21
- "allowRead": [".", "~/.config", "~/.local", "~/.cargo"],
22
- "allowWrite": [".", "/tmp", "~/.cargo", "~/.rustup"],
27
+ "allowRead": [
28
+ ".",
29
+ "/tmp",
30
+ "/var/tmp",
31
+ "/dev/null",
32
+ "~/.config",
33
+ "~/.gitconfig",
34
+ "~/.local",
35
+ "~/.cargo",
36
+ "~/.rustup",
37
+ "~/.npm",
38
+ "~/.cache",
39
+ "~/.bun",
40
+ "~/.node-gyp"
41
+ ],
42
+ "allowWrite": [
43
+ ".",
44
+ "/tmp",
45
+ "/var/tmp",
46
+ "/dev/null",
47
+ "~/.cargo",
48
+ "~/.rustup",
49
+ "~/.npm",
50
+ "~/.cache",
51
+ "~/.bun",
52
+ "~/.node-gyp"
53
+ ],
23
54
  "denyWrite": [".env", ".env.*", "*.pem", "*.key"]
24
55
  }
25
56
  }