sandbox 2.1.0 → 2.2.0

package/README.md

@@ -1,8 +1,7 @@
 # Vercel Sandbox CLI
 
-Command line interface for Vercel Sandbox.
-
-Read the full documentation at [vercel.com/docs/vercel-sandbox/cli-reference](https://vercel.com/docs/vercel-sandbox/cli-reference).
+Vercel Sandbox allows you to run arbitrary code in isolated, ephemeral Linux
+VMs. View the documentation [here](https://vercel.com/docs/vercel-sandbox).
 
 ## Packages
 
@@ -18,7 +17,10 @@ pnpm i -g sandbox
 ## Usage
 
 ```bash
-sandbox create # Create a new sandbox
+sandbox login # If you are not already logged in with the Vercel CLI
+sandbox create --connect # Create a new sandbox and open an interactive shell
 sandbox ls # List your sandboxes
 sandbox --help # View all commands
 ```
+
+Learn more about the CLI in the [documentation](https://vercel.com/docs/vercel-sandbox/cli-reference).

package/dist/{app-DtmaeGtx.mjs → app-BNIol84k.mjs}

@@ -7046,7 +7046,7 @@ const token = import_cjs$18.option({
 			if (!auth || !auth.token) throw new Error([
 				`Failed to retrieve authentication token.`,
 				`${source_default.bold("hint:")} Try logging in again with \`sandbox login\`.`,
-				"╰▶ Docs: https://vercel.com/docs/sandbox"
+				"╰▶ Docs: https://vercel.com/docs/vercel-sandbox/cli-reference#authentication"
 			].join("\n"));
 			return auth.token;
 		}
@@ -7292,7 +7292,7 @@ const scope = {
 
 //#endregion
 //#region package.json
-var version = "2.1.0";
+var version = "2.2.0";
 
 //#endregion
 //#region src/error.ts
@@ -7354,12 +7354,13 @@ async function handleApiError(error) {
 	const tmpPath = await writeResponseToTemp(error);
 	const status = error.response.status;
 	throw new StyledError([
-		getErrorMessage(status),
+		ApiErrorResponse.safeParse(error.json).data?.error.message ?? getErrorMessage(status),
 		`├▶ requested url: ${error.response.url}`,
 		`├▶ status code: ${status} ${error.response.statusText}`,
 		`╰▶ ${source_default.bold("hint:")} the full response buffer is stored in ${source_default.italic(tmpPath)}`
 	].join("\n"), error);
 }
+const ApiErrorResponse = z$1.object({ error: z$1.object({ message: z$1.string() }) });
 function getErrorMessage(status) {
 	if (status === 401 || status === 403) return "Sandbox API request failed due to authentication. Check your token or run `sandbox login`.";
 	if (status === 404) return "Sandbox API request failed: resource not found.";
@@ -7392,190 +7393,11 @@ const snapshotId = import_cjs$16.extendType(import_cjs$16.string, {
 	}
 });
 
-//#endregion
-//#region src/args/network-policy.ts
-var import_cjs$15 = /* @__PURE__ */ __toESM(require_cjs());
-init_source();
-const networkPolicyMode = import_cjs$15.extendType(import_cjs$15.string, {
-	displayName: "MODE",
-	async from(value) {
-		const validModes = [
-			"internet-access",
-			"no-access",
-			"restricted"
-		];
-		if (!validModes.includes(value)) throw new Error([`Invalid network policy mode: ${value}.`, `${source_default.bold("hint:")} Valid modes are: ${validModes.join(", ")}`].join("\n"));
-		return value;
-	}
-});
-const networkPolicy = import_cjs$15.option({
-	long: "network-policy",
-	description: `Network policy mode: "internet-access", "no-access", or "restricted"
-    
-internet-access: sandbox can access any website/domain
-no-access: sandbox has no network access
-restricted: sandbox can only access websites and domains explicitly allowed`,
-	type: import_cjs$15.optional(networkPolicyMode)
-});
-const allowedDomains = import_cjs$15.multioption({
-	long: "allowed-domain",
-	description: `Domain to allow traffic to (requires --network-policy=restricted)
-
-Supports "*" for wildcards for a segment (e.g. '*.vercel.com', 'www.*.com')
-If used as the first segment, will match any subdomain.`,
-	type: import_cjs$15.array(import_cjs$15.string)
-});
-const allowedCIDRs = import_cjs$15.multioption({
-	long: "allowed-cidr",
-	description: `CIDR to allow traffic to (requires --network-policy=restricted)
-
-Takes precedence over 'allowed-domain'.
-`,
-	type: import_cjs$15.array(import_cjs$15.string)
-});
-const deniedCIDRs = import_cjs$15.multioption({
-	long: "denied-cidr",
-	description: `CIDR to deny traffic to (requires --network-policy=restricted)
-    
-Takes precedence over allowed domains/CIDRs.`,
-	type: import_cjs$15.array(import_cjs$15.string)
-});
-const networkPolicyArgs = {
-	networkPolicy,
-	allowedDomains,
-	allowedCIDRs,
-	deniedCIDRs
-};
-
-//#endregion
-//#region src/util/network-policy.ts
-init_source();
-/**
-* Builds a NetworkPolicy from CLI arguments (optional mode for create).
-*/
-function buildNetworkPolicy(args$4) {
-	const { networkPolicy: networkPolicy$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 } = args$4;
-	if (!networkPolicy$1 || networkPolicy$1 !== "restricted") {
-		if (allowedDomains$1.length > 0 || allowedCIDRs$1.length > 0 || deniedCIDRs$1.length > 0) throw new Error(["Network policy options require --network-policy to be set to restricted.", `${source_default.bold("hint:")} Use --network-policy=restricted to allow/deny specific domains or CIDRs.`].join("\n"));
-	}
-	switch (networkPolicy$1) {
-		case void 0:
-		case "internet-access": return { type: "internet-access" };
-		case "no-access": return { type: "no-access" };
-		case "restricted": return {
-			type: "restricted",
-			allowedDomains: allowedDomains$1.length > 0 ? allowedDomains$1 : void 0,
-			allowedCIDRs: allowedCIDRs$1.length > 0 ? allowedCIDRs$1 : void 0,
-			deniedCIDRs: deniedCIDRs$1.length > 0 ? deniedCIDRs$1 : void 0
-		};
-	}
-}
-
-//#endregion
-//#region src/commands/create.ts
-var import_cjs$14 = /* @__PURE__ */ __toESM(require_cjs());
-var import_ms$1 = /* @__PURE__ */ __toESM(require_ms());
-init_source();
-const args$3 = {
-	scope,
-	runtime,
-	timeout,
-	ports: import_cjs$14.multioption({
-		long: "publish-port",
-		short: "p",
-		description: "Publish sandbox port(s) to DOMAIN.vercel.run",
-		type: import_cjs$14.array(import_cjs$14.extendType(import_cjs$14.number, {
-			displayName: "PORT",
-			async from(number) {
-				if (number < 1024 || number > 65535) throw new Error([
-					`Invalid port: ${number}.`,
-					`${source_default.bold("hint:")} Ports must be between 1024-65535 (privileged ports 0-1023 are reserved).`,
-					"╰▶ Examples: 3000, 8080, 8443"
-				].join("\n"));
-				return number;
-			}
-		}))
-	}),
-	silent: import_cjs$14.flag({
-		long: "silent",
-		description: "Don't write sandbox ID to stdout"
-	}),
-	snapshot: import_cjs$14.option({
-		long: "snapshot",
-		short: "s",
-		description: "Start the sandbox from a snapshot ID",
-		type: import_cjs$14.optional(snapshotId)
-	}),
-	...networkPolicyArgs
-};
-const create = import_cjs$14.command({
-	name: "create",
-	description: "Create a sandbox in the specified account and project.",
-	args: args$3,
-	async handler({ ports, scope: scope$1, runtime: runtime$1, timeout: timeout$1, silent, snapshot: snapshot$1, networkPolicy: networkPolicyMode$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 }) {
-		const networkPolicy$1 = buildNetworkPolicy({
-			networkPolicy: networkPolicyMode$1,
-			allowedDomains: allowedDomains$1,
-			allowedCIDRs: allowedCIDRs$1,
-			deniedCIDRs: deniedCIDRs$1
-		});
-		const spinner = silent ? void 0 : ora("Creating sandbox...").start();
-		const sandbox = snapshot$1 ? await sandboxClient.create({
-			source: {
-				type: "snapshot",
-				snapshotId: snapshot$1
-			},
-			teamId: scope$1.team,
-			projectId: scope$1.project,
-			token: scope$1.token,
-			ports,
-			timeout: (0, import_ms$1.default)(timeout$1),
-			networkPolicy: networkPolicy$1,
-			__interactive: true
-		}) : await sandboxClient.create({
-			teamId: scope$1.team,
-			projectId: scope$1.project,
-			token: scope$1.token,
-			ports,
-			runtime: runtime$1,
-			timeout: (0, import_ms$1.default)(timeout$1),
-			networkPolicy: networkPolicy$1,
-			__interactive: true
-		});
-		spinner?.stop();
-		if (!sandbox.interactivePort) throw new Error([
-			`Sandbox created but interactive port is missing.`,
-			`${source_default.bold("hint:")} This is an internal error. Please try again.`,
-			"╰▶ Report this issue: https://github.com/vercel/sandbox/issues"
-		].join("\n"));
-		const routes = sandbox.routes.filter((x) => x.port !== sandbox.interactivePort);
-		if (!silent) {
-			const teamDisplay = scope$1.teamSlug ?? scope$1.team;
-			const projectDisplay = scope$1.projectSlug ?? scope$1.project;
-			const hasPorts = routes.length > 0;
-			process.stderr.write("✅ Sandbox ");
-			process.stdout.write(source_default.cyan(sandbox.sandboxId));
-			process.stderr.write(" created.\n");
-			process.stderr.write(source_default.dim("   │ ") + "team: " + source_default.cyan(teamDisplay) + "\n");
-			if (hasPorts) {
-				process.stderr.write(source_default.dim("   │ ") + "project: " + source_default.cyan(projectDisplay) + "\n");
-				process.stderr.write(source_default.dim("   │ ") + "ports:\n");
-				for (let i = 0; i < routes.length; i++) {
-					const route = routes[i];
-					const prefix$1 = i === routes.length - 1 ? source_default.dim("   ╰ ") : source_default.dim("   │ ");
-					process.stderr.write(prefix$1 + "• " + route.port + " -> " + source_default.cyan(route.url) + "\n");
-				}
-			} else process.stderr.write(source_default.dim("   ╰ ") + "project: " + source_default.cyan(projectDisplay) + "\n");
-		}
-		return sandbox;
-	}
-});
-
 //#endregion
 //#region src/args/sandbox-id.ts
-var import_cjs$13 = /* @__PURE__ */ __toESM(require_cjs());
+var import_cjs$15 = /* @__PURE__ */ __toESM(require_cjs());
 init_source();
-const sandboxId = import_cjs$13.extendType(import_cjs$13.string, {
+const sandboxId = import_cjs$15.extendType(import_cjs$15.string, {
 	displayName: "sandbox_id",
 	description: "The ID of the sandbox to execute the command in",
 	async from(s$1) {
@@ -11289,9 +11111,9 @@ function printCommand(command$1, args$4) {
 
 //#endregion
 //#region src/interactive-shell/extend-sandbox-timeout.ts
-var import_ms = /* @__PURE__ */ __toESM(require_ms());
+var import_ms$1 = /* @__PURE__ */ __toESM(require_ms());
 const debug$2 = createDebugger("sandbox:timeout");
-const BUFFER = (0, import_ms.default)("10 seconds");
+const BUFFER = (0, import_ms$1.default)("10 seconds");
 async function extendSandboxTimeoutPeriodically(sandbox, signal) {
 	const nextTick = sandbox.createdAt.getTime() + sandbox.timeout;
 	debug$2(`next tick: ${new Date(nextTick).toISOString()}`);
@@ -11301,7 +11123,7 @@ async function extendSandboxTimeoutPeriodically(sandbox, signal) {
 			debug$2(`sleeping for ${timeout$1}ms until next timeout extension`);
 			await setTimeout$1(timeout$1, null, { signal });
 		}
-		await sandbox.extendTimeout((0, import_ms.default)("5 minutes"));
+		await sandbox.extendTimeout((0, import_ms$1.default)("5 minutes"));
 		const nextTick$1 = sandbox.createdAt.getTime() + sandbox.timeout;
 		debug$2(`extended sandbox timeout by 5 minutes. next tick: ${new Date(nextTick$1).toISOString()}`);
 	}
@@ -11434,7 +11256,7 @@ async function startInteractiveShell(options) {
 		listener.connection.then(() => {
 			waitForProcess.abort();
 		});
-		connect(command$1, listener, waitForProcess.signal).catch(waitForProcess.ignoreInterruptions);
+		connect$1(command$1, listener, waitForProcess.signal).catch(waitForProcess.ignoreInterruptions);
 		await Promise.all([throwIfCommandPrematurelyExited(command$1, waitForProcess.signal), attach({
 			sandbox: options.sandbox,
 			progress,
@@ -11530,7 +11352,7 @@ async function* messageReader(stream) {
 /**
 * Connects the command's logs to the listener's stdout and stderr streams.
 */
-async function connect(command$1, listener, signal) {
+async function connect$1(command$1, listener, signal) {
 	try {
 		var _usingCtx5 = _usingCtx();
 		const logs = _usingCtx5.u(command$1.logs({ signal }));
@@ -11567,9 +11389,9 @@ function getStderrStream() {
 
 //#endregion
 //#region src/args/key-value-pair.ts
-var import_cjs$12 = /* @__PURE__ */ __toESM(require_cjs());
+var import_cjs$14 = /* @__PURE__ */ __toESM(require_cjs());
 init_source();
-const KeyValuePair = import_cjs$12.extendType(import_cjs$12.string, {
+const KeyValuePair = import_cjs$14.extendType(import_cjs$14.string, {
 	displayName: "key=value",
 	async from(input) {
 		if (!input.includes("=")) return {
@@ -11583,7 +11405,7 @@ const KeyValuePair = import_cjs$12.extendType(import_cjs$12.string, {
 		};
 	}
 });
-const ObjectFromKeyValue = import_cjs$12.extendType(import_cjs$12.array(KeyValuePair), { async from(input) {
+const ObjectFromKeyValue = import_cjs$14.extendType(import_cjs$14.array(KeyValuePair), { async from(input) {
 	const obj = Object.create(null);
 	const missingVars = [];
 	for (const { key, value } of input) if (value === void 0) missingVars.push(key);
@@ -11597,34 +11419,34 @@ const ObjectFromKeyValue = import_cjs$12.extendType(import_cjs$12.array(KeyValue
 
 //#endregion
 //#region src/commands/exec.ts
-var import_cjs$11 = /* @__PURE__ */ __toESM(require_cjs());
+var import_cjs$13 = /* @__PURE__ */ __toESM(require_cjs());
 init_source();
-const args$2 = {
+const args$3 = {
 	scope,
-	sandbox: import_cjs$11.positional({ type: sandboxId }),
-	asSudo: import_cjs$11.flag({
+	sandbox: import_cjs$13.positional({ type: sandboxId }),
+	asSudo: import_cjs$13.flag({
 		long: "sudo",
 		description: "Give extended privileges to the command."
 	}),
-	command: import_cjs$11.positional({
+	command: import_cjs$13.positional({
 		displayName: "command",
 		description: "The executable to invoke"
 	}),
-	args: import_cjs$11.rest({
+	args: import_cjs$13.rest({
 		displayName: "args",
 		description: "arguments to pass to the command"
 	}),
-	cwd: import_cjs$11.option({
+	cwd: import_cjs$13.option({
 		long: "workdir",
 		short: "w",
 		description: "The working directory to run the command in",
-		type: import_cjs$11.optional(import_cjs$11.string)
+		type: import_cjs$13.optional(import_cjs$13.string)
 	}),
-	interactive: import_cjs$11.flag({
+	interactive: import_cjs$13.flag({
 		long: "interactive",
 		short: "i",
 		description: "Run the command in a secure interactive shell",
-		type: import_cjs$11.extendType(import_cjs$11.boolean, {
+		type: import_cjs$13.extendType(import_cjs$13.boolean, {
 			defaultValue() {
 				return false;
 			},
@@ -11634,26 +11456,26 @@ const args$2 = {
 			}
 		})
 	}),
-	skipExtendingTimeout: import_cjs$11.flag({
+	skipExtendingTimeout: import_cjs$13.flag({
 		long: "no-extend-timeout",
 		description: "Do not extend the sandbox timeout while running an interactive command. Only affects interactive executions."
 	}),
-	envVars: import_cjs$11.multioption({
+	envVars: import_cjs$13.multioption({
 		long: "env",
 		short: "e",
 		type: ObjectFromKeyValue,
 		description: "Environment variables to set for the command"
 	}),
-	tty: import_cjs$11.flag({
+	tty: import_cjs$13.flag({
 		long: "tty",
 		short: "t",
 		description: "Allocate a tty for an interactive command. This is a no-op."
 	})
 };
-const exec = import_cjs$11.command({
+const exec = import_cjs$13.command({
 	name: "exec",
 	description: "Execute a command in an existing sandbox",
-	args: args$2,
+	args: args$3,
 	async handler({ command: command$1, cwd, args: args$4, asSudo, sandbox: sandboxId$1, scope: { token: token$1, team: team$1, project: project$1 }, interactive, envVars, skipExtendingTimeout }) {
 		const sandbox = typeof sandboxId$1 !== "string" ? sandboxId$1 : await sandboxClient.get({
 			sandboxId: sandboxId$1,
@@ -11695,6 +11517,201 @@ const exec = import_cjs$11.command({
 	}
 });
 
+//#endregion
+//#region src/args/network-policy.ts
+var import_cjs$12 = /* @__PURE__ */ __toESM(require_cjs());
+init_source();
+const networkPolicyMode = import_cjs$12.extendType(import_cjs$12.string, {
+	displayName: "MODE",
+	async from(value) {
+		const validModes = [
+			"internet-access",
+			"no-access",
+			"restricted"
+		];
+		if (!validModes.includes(value)) throw new Error([`Invalid network policy mode: ${value}.`, `${source_default.bold("hint:")} Valid modes are: ${validModes.join(", ")}`].join("\n"));
+		return value;
+	}
+});
+const networkPolicy = import_cjs$12.option({
+	long: "network-policy",
+	description: `Network policy mode: "internet-access", "no-access", or "restricted"
+    
+internet-access: sandbox can access any website/domain
+no-access: sandbox has no network access
+restricted: sandbox can only access websites and domains explicitly allowed`,
+	type: import_cjs$12.optional(networkPolicyMode)
+});
+const allowedDomains = import_cjs$12.multioption({
+	long: "allowed-domain",
+	description: `Domain to allow traffic to (requires --network-policy=restricted)
+
+Supports "*" for wildcards for a segment (e.g. '*.vercel.com', 'www.*.com')
+If used as the first segment, will match any subdomain.`,
+	type: import_cjs$12.array(import_cjs$12.string)
+});
+const allowedCIDRs = import_cjs$12.multioption({
+	long: "allowed-cidr",
+	description: `CIDR to allow traffic to (requires --network-policy=restricted)
+
+Takes precedence over 'allowed-domain'.
+`,
+	type: import_cjs$12.array(import_cjs$12.string)
+});
+const deniedCIDRs = import_cjs$12.multioption({
+	long: "denied-cidr",
+	description: `CIDR to deny traffic to (requires --network-policy=restricted)
+    
+Takes precedence over allowed domains/CIDRs.`,
+	type: import_cjs$12.array(import_cjs$12.string)
+});
+const networkPolicyArgs = {
+	networkPolicy,
+	allowedDomains,
+	allowedCIDRs,
+	deniedCIDRs
+};
+
+//#endregion
+//#region src/util/network-policy.ts
+init_source();
+/**
+* Builds a NetworkPolicy from CLI arguments (optional mode for create).
+*/
+function buildNetworkPolicy(args$4) {
+	const { networkPolicy: networkPolicy$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 } = args$4;
+	if (!networkPolicy$1 || networkPolicy$1 !== "restricted") {
+		if (allowedDomains$1.length > 0 || allowedCIDRs$1.length > 0 || deniedCIDRs$1.length > 0) throw new Error(["Network policy options require --network-policy to be set to restricted.", `${source_default.bold("hint:")} Use --network-policy=restricted to allow/deny specific domains or CIDRs.`].join("\n"));
+	}
+	switch (networkPolicy$1) {
+		case void 0:
+		case "internet-access": return { type: "internet-access" };
+		case "no-access": return { type: "no-access" };
+		case "restricted": return {
+			type: "restricted",
+			allowedDomains: allowedDomains$1.length > 0 ? allowedDomains$1 : void 0,
+			allowedCIDRs: allowedCIDRs$1.length > 0 ? allowedCIDRs$1 : void 0,
+			deniedCIDRs: deniedCIDRs$1.length > 0 ? deniedCIDRs$1 : void 0
+		};
+	}
+}
+
+//#endregion
+//#region src/commands/create.ts
+var import_cjs$11 = /* @__PURE__ */ __toESM(require_cjs());
+var import_ms = /* @__PURE__ */ __toESM(require_ms());
+init_source();
+const args$2 = {
+	scope,
+	runtime,
+	timeout,
+	ports: import_cjs$11.multioption({
+		long: "publish-port",
+		short: "p",
+		description: "Publish sandbox port(s) to DOMAIN.vercel.run",
+		type: import_cjs$11.array(import_cjs$11.extendType(import_cjs$11.number, {
+			displayName: "PORT",
+			async from(number) {
+				if (number < 1024 || number > 65535) throw new Error([
+					`Invalid port: ${number}.`,
+					`${source_default.bold("hint:")} Ports must be between 1024-65535 (privileged ports 0-1023 are reserved).`,
+					"╰▶ Examples: 3000, 8080, 8443"
+				].join("\n"));
+				return number;
+			}
+		}))
+	}),
+	silent: import_cjs$11.flag({
+		long: "silent",
+		description: "Don't write sandbox ID to stdout"
+	}),
+	snapshot: import_cjs$11.option({
+		long: "snapshot",
+		short: "s",
+		description: "Start the sandbox from a snapshot ID",
+		type: import_cjs$11.optional(snapshotId)
+	}),
+	connect: import_cjs$11.flag({
+		long: "connect",
+		description: "Start an interactive shell session after creating the sandbox"
+	}),
+	...networkPolicyArgs
+};
+const create = import_cjs$11.command({
+	name: "create",
+	description: "Create a sandbox in the specified account and project.",
+	args: args$2,
+	async handler({ ports, scope: scope$1, runtime: runtime$1, timeout: timeout$1, silent, snapshot: snapshot$1, connect: connect$2, networkPolicy: networkPolicyMode$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 }) {
+		const networkPolicy$1 = buildNetworkPolicy({
+			networkPolicy: networkPolicyMode$1,
+			allowedDomains: allowedDomains$1,
+			allowedCIDRs: allowedCIDRs$1,
+			deniedCIDRs: deniedCIDRs$1
+		});
+		const spinner = silent ? void 0 : ora("Creating sandbox...").start();
+		const sandbox = snapshot$1 ? await sandboxClient.create({
+			source: {
+				type: "snapshot",
+				snapshotId: snapshot$1
+			},
+			teamId: scope$1.team,
+			projectId: scope$1.project,
+			token: scope$1.token,
+			ports,
+			timeout: (0, import_ms.default)(timeout$1),
+			networkPolicy: networkPolicy$1,
+			__interactive: true
+		}) : await sandboxClient.create({
+			teamId: scope$1.team,
+			projectId: scope$1.project,
+			token: scope$1.token,
+			ports,
+			runtime: runtime$1,
+			timeout: (0, import_ms.default)(timeout$1),
+			networkPolicy: networkPolicy$1,
+			__interactive: true
+		});
+		spinner?.stop();
+		if (!sandbox.interactivePort) throw new Error([
+			`Sandbox created but interactive port is missing.`,
+			`${source_default.bold("hint:")} This is an internal error. Please try again.`,
+			"╰▶ Report this issue: https://github.com/vercel/sandbox/issues"
+		].join("\n"));
+		const routes = sandbox.routes.filter((x) => x.port !== sandbox.interactivePort);
+		if (!silent) {
+			const teamDisplay = scope$1.teamSlug ?? scope$1.team;
+			const projectDisplay = scope$1.projectSlug ?? scope$1.project;
+			const hasPorts = routes.length > 0;
+			process.stderr.write("✅ Sandbox ");
+			process.stdout.write(source_default.cyan(sandbox.sandboxId));
+			process.stderr.write(" created.\n");
+			process.stderr.write(source_default.dim("   │ ") + "team: " + source_default.cyan(teamDisplay) + "\n");
+			if (hasPorts) {
+				process.stderr.write(source_default.dim("   │ ") + "project: " + source_default.cyan(projectDisplay) + "\n");
+				process.stderr.write(source_default.dim("   │ ") + "ports:\n");
+				for (let i = 0; i < routes.length; i++) {
+					const route = routes[i];
+					const prefix$1 = i === routes.length - 1 ? source_default.dim("   ╰ ") : source_default.dim("   │ ");
+					process.stderr.write(prefix$1 + "• " + route.port + " -> " + source_default.cyan(route.url) + "\n");
+				}
+			} else process.stderr.write(source_default.dim("   ╰ ") + "project: " + source_default.cyan(projectDisplay) + "\n");
+		}
+		if (connect$2) await exec.handler({
+			scope: scope$1,
+			asSudo: false,
+			args: [],
+			cwd: void 0,
+			skipExtendingTimeout: false,
+			envVars: {},
+			command: "sh",
+			interactive: true,
+			tty: true,
+			sandbox
+		});
+		return sandbox;
+	}
+});
+
 //#endregion
 //#region src/util/omit.ts
 function omit(obj, ...keys) {
@@ -11707,8 +11724,8 @@ function omit(obj, ...keys) {
 //#region src/commands/run.ts
 var import_cjs$10 = /* @__PURE__ */ __toESM(require_cjs());
 const args$1 = {
-	...args$3,
-	...omit(args$2, "sandbox"),
+	...args$2,
+	...omit(args$3, "sandbox"),
 	removeAfterUse: import_cjs$10.flag({
 		long: "rm",
 		description: "Automatically remove the sandbox when the command exits."
@@ -11730,20 +11747,6 @@ const run = import_cjs$10.command({
 		}
 	}
 });
-const sh = import_cjs$10.command({
-	name: "sh",
-	description: "Create a sandbox and run an interactive shell.",
-	aliases: ["shell"],
-	args: omit(args$1, "command", "interactive", "tty"),
-	async handler(args$4) {
-		return run.handler({
-			command: "sh",
-			interactive: true,
-			tty: true,
-			...args$4
-		});
-	}
-});
 
 //#endregion
 //#region src/commands/list.ts
@@ -11812,12 +11815,13 @@ const SandboxStatusColor = new Map([
 ]);
 
 //#endregion
-//#region src/commands/ssh.ts
+//#region src/commands/connect.ts
 var import_cjs$8 = /* @__PURE__ */ __toESM(require_cjs());
-const ssh = import_cjs$8.command({
-	name: "ssh",
+const connect = import_cjs$8.command({
+	name: "connect",
+	aliases: ["ssh", "shell"],
 	description: "Start an interactive shell in an existing sandbox",
-	args: omit(args$2, "command", "args", "interactive", "tty"),
+	args: omit(args$3, "command", "args", "interactive", "tty"),
 	async handler(args$4) {
 		return exec.handler({
 			command: "sh",
@@ -14502,10 +14506,9 @@ const app = (opts) => (0, import_cjs.subcommands)({
 		config,
 		copy: cp,
 		exec,
-		ssh,
+		connect,
 		stop,
 		run,
-		sh,
 		snapshot,
 		snapshots,
 		...!opts?.withoutAuth && {
@@ -14517,4 +14520,4 @@ const app = (opts) => (0, import_cjs.subcommands)({
 
 //#endregion
 export { StyledError as n, require_cjs as r, app as t };
-//# sourceMappingURL=app-DtmaeGtx.mjs.map
+//# sourceMappingURL=app-BNIol84k.mjs.map