pi-landstrip 0.2.1 → 0.3.1

package/README.md

@@ -3,23 +3,17 @@
 Landlock-based sandboxing for [pi](https://pi.dev/) using
 [`landstrip`](https://github.com/jarkkojs/landstrip).
 
-## Prerequisites
-
-Install `landstrip` and make sure it is on the `PATH` used to launch pi:
-
-```bash
-cargo install landstrip
-```
-
-`landstrip` supports Linux, macOS, and Windows. On other platforms this extension loads
-but leaves sandboxing disabled.
-
 ## Install
 
 ```bash
 pi install npm:pi-landstrip
 ```
 
+This installs `pi-landstrip` and its `@jarkkojs/landstrip` dependency, which
+includes platform-specific native binaries for Linux, macOS, and Windows.
+
+On unsupported platforms the extension loads but leaves sandboxing disabled.
+
 ## Configure
 
 Create `.pi/sandbox.json` in a project or `~/.pi/agent/sandbox.json` globally.

package/index.ts

@@ -10,6 +10,8 @@ import type {
   ExtensionContext,
 } from '@earendil-works/pi-coding-agent';
 
+import { binaryPath } from '@jarkkojs/landstrip';
+
 import { spawn, spawnSync } from 'node:child_process';
 import {
   existsSync,
@@ -50,16 +52,10 @@ interface SandboxNetworkConfig {
   deniedDomains: string[];
 }
 
-interface LandstripConfig {
-  command: string;
-  debug: boolean;
-}
-
 interface SandboxConfig {
   enabled: boolean;
   network: SandboxNetworkConfig;
   filesystem: SandboxFilesystemConfig;
-  landstrip: LandstripConfig;
 }
 
 interface LandstripPolicy {
@@ -72,7 +68,15 @@ interface LandstripPolicy {
   filesystem: SandboxFilesystemConfig;
 }
 
-const LANDSTRIP_VERSION = [0, 8, 3] as const;
+interface LandstripErrorResponse {
+  category: 'policy' | 'tool' | 'platform' | 'system';
+  file?: string;
+  program?: string;
+  type?: 'filesystem' | 'network' | 'platform' | 'launch' | 'encoding';
+  message: string;
+}
+
+const LANDSTRIP_VERSION = [0, 9, 5] as const;
 const SUPPORTED_PLATFORMS = new Set<NodeJS.Platform>(['linux', 'darwin', 'win32']);
 
 const DEFAULT_CONFIG: SandboxConfig = {
@@ -104,10 +108,6 @@ const DEFAULT_CONFIG: SandboxConfig = {
     allowWrite: ['.', '/tmp'],
     denyWrite: ['.env', '.env.*', '*.pem', '*.key'],
   },
-  landstrip: {
-    command: 'landstrip',
-    debug: false,
-  },
 };
 
 type PermissionChoice = 'abort' | 'session' | 'project' | 'global';
@@ -176,10 +176,6 @@ function deepMerge(base: SandboxConfig, overrides: Partial<SandboxConfig>): Sand
       ...base.filesystem,
       ...overrides.filesystem,
     },
-    landstrip: {
-      ...base.landstrip,
-      ...overrides.landstrip,
-    },
   };
 }
 
@@ -344,6 +340,55 @@ function extractBlockedWritePath(output: string, cwd: string): string | null {
   return match ? normalizeBlockedPath(match[1], cwd) : null;
 }
 
+function parseLandstripErrors(output: string): LandstripErrorResponse[] {
+  const errors: LandstripErrorResponse[] = [];
+
+  for (const line of output.split('\n')) {
+    try {
+      const parsed = JSON.parse(line);
+
+      if (
+        typeof parsed === 'object' &&
+        parsed !== null &&
+        typeof parsed.category === 'string' &&
+        ['policy', 'tool', 'platform', 'system'].includes(parsed.category) &&
+        (parsed.type === undefined ||
+          (typeof parsed.type === 'string' &&
+            ['filesystem', 'network', 'platform', 'launch', 'encoding'].includes(parsed.type))) &&
+        typeof parsed.message === 'string' &&
+        parsed.message.length > 0
+      ) {
+        errors.push(parsed as LandstripErrorResponse);
+      }
+    } catch {
+      // ignore non-JSON lines
+    }
+  }
+
+  return errors;
+}
+
+function formatLandstripErrors(errors: LandstripErrorResponse[]): string {
+  return errors
+    .map((err) => {
+      const parts: string[] = [`landstrip: ${err.category}`];
+
+      if (err.file) {
+        parts.push(` (${err.file})`);
+      }
+      if (err.program) {
+        parts.push(` ${err.program}`);
+      }
+      if (err.type) {
+        parts.push(`:${err.type}`);
+      }
+      parts.push(`: ${err.message}`);
+
+      return parts.join('');
+    })
+    .join('\n');
+}
+
 async function showPermissionPrompt(
   ctx: ExtensionContext,
   title: string,
@@ -472,8 +517,8 @@ function promptWriteBlock(ctx: ExtensionContext, filePath: string): Promise<Perm
   );
 }
 
-function landstripVersion(command: string): string | null {
-  const result = spawnSync(command, ['--version'], { encoding: 'utf-8' });
+function landstripVersion(): string | null {
+  const result = spawnSync(binaryPath(), ['--version'], { encoding: 'utf-8' });
   if (result.status !== 0) return null;
   return result.stdout.trim();
 }
@@ -785,23 +830,18 @@ export default function (pi: ExtensionAPI) {
     });
   }
 
-  function createLandstripBashOps(ctx: ExtensionContext): BashOperations {
+  function createLandstripBashOps(
+    ctx: ExtensionContext,
+    onStderr: (data: Buffer) => void = () => {},
+  ): BashOperations {
     return {
       async exec(command, cwd, { onData, signal, timeout, env }) {
         if (!existsSync(cwd)) throw new Error(`Working directory does not exist: ${cwd}`);
 
-        const config = loadConfig(cwd);
         const { shell, args } = getShellConfig(userShellPath);
         const proxy = await startProxy(ctx, cwd);
         const policy = writePolicyFile(cwd, proxy.port);
-        const landstripArgs = [
-          ...(config.landstrip.debug ? ['--debug'] : []),
-          '-p',
-          policy.path,
-          shell,
-          ...args,
-          command,
-        ];
+        const landstripArgs = ['-p', policy.path, shell, ...args, command];
 
         return new Promise((resolvePromise, reject) => {
           let timeoutHandle: NodeJS.Timeout | undefined;
@@ -817,7 +857,7 @@ export default function (pi: ExtensionAPI) {
             rmSync(policy.dir, { recursive: true, force: true });
           };
 
-          const child = spawn(config.landstrip.command, landstripArgs, {
+          const child = spawn(binaryPath(), landstripArgs, {
             cwd,
             env: proxyEnv(env, proxy.port),
             detached: true,
@@ -846,7 +886,10 @@ export default function (pi: ExtensionAPI) {
 
           signal?.addEventListener('abort', onAbort, { once: true });
           child.stdout?.on('data', onData);
-          child.stderr?.on('data', onData);
+          child.stderr?.on('data', (data: Buffer) => {
+            onStderr(data);
+            onData(data);
+          });
 
           child.on('error', (error) => {
             cleanup();
@@ -875,17 +918,34 @@ export default function (pi: ExtensionAPI) {
     onUpdate: AgentToolUpdateCallback<BashToolDetails | undefined> | undefined,
     ctx: ExtensionContext,
   ): Promise<AgentToolResult<BashToolDetails | undefined>> {
+    let landstripStderr = '';
     const sandboxedBash = createBashToolDefinition(localCwd, {
-      operations: createLandstripBashOps(ctx),
+      operations: createLandstripBashOps(ctx, (data) => {
+        landstripStderr += data.toString('utf8');
+      }),
       shellPath: userShellPath,
     });
 
     const run = () => sandboxedBash.execute(id, params, signal, onUpdate, ctx);
-    const result = await run();
+    let result: AgentToolResult<BashToolDetails | undefined>;
+    try {
+      result = await run();
+    } catch (error) {
+      const landstripErrors = parseLandstripErrors(landstripStderr);
+      if (landstripErrors.length > 0) {
+        throw new Error(formatLandstripErrors(landstripErrors));
+      }
+      throw error;
+    }
     const outputText = result.content
       .filter((content) => content.type === 'text')
       .map((content) => content.text)
       .join('\n');
+    const landstripErrors = parseLandstripErrors(landstripStderr);
+    if (landstripErrors.length > 0) {
+      const message = formatLandstripErrors(landstripErrors);
+      result.content.unshift({ type: 'text', text: `\n${message}\n` });
+    }
     const blockedPath = extractBlockedWritePath(outputText, ctx.cwd);
 
     if (!blockedPath || !ctx.hasUI) return result;
@@ -956,18 +1016,21 @@ export default function (pi: ExtensionAPI) {
       return false;
     }
 
-    const version = landstripVersion(config.landstrip.command);
+    const version = landstripVersion();
     if (!version) {
       sandboxEnabled = false;
       sandboxReady = false;
-      ctx.ui.notify(`landstrip was not found. Install it with: cargo install landstrip`, 'error');
+      ctx.ui.notify(
+        `landstrip was not found. Reinstall with: npm install @jarkkojs/landstrip`,
+        'error',
+      );
       return false;
     }
 
     if (!hasMinimumVersion(version, LANDSTRIP_VERSION)) {
       sandboxEnabled = false;
       sandboxReady = false;
-      ctx.ui.notify(`landstrip 0.8.3 or newer is required; found: ${version}`, 'error');
+      ctx.ui.notify(`landstrip 0.9.5 or newer is required; found: ${version}`, 'error');
       return false;
     }
 
@@ -1127,7 +1190,7 @@ export default function (pi: ExtensionAPI) {
         'Sandbox Configuration',
         `  Project config: ${projectPath}`,
         `  Global config:  ${globalPath}`,
-        `  landstrip:      ${config.landstrip.command}`,
+        `  landstrip:      ${binaryPath()}`,
         '',
         'Network (bash through HTTP proxy):',
         `  Allowed domains: ${config.network.allowedDomains.join(', ') || '(none)'}`,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pi-landstrip",
-  "version": "0.2.1",
+  "version": "0.3.1",
   "description": "Landlock-based sandboxing for pi with interactive permission prompts",
   "keywords": [
     "landstrip",
@@ -29,7 +29,8 @@
     "ci:check": "npm run check"
   },
   "dependencies": {
-    "@earendil-works/pi-tui": "^0.78.0"
+    "@earendil-works/pi-tui": "^0.78.0",
+    "@jarkkojs/landstrip": "^0.9.5"
   },
   "devDependencies": {
     "@earendil-works/pi-coding-agent": "^0.78.0",