npm - sandbox - Versions diffs - 2.2.0 → 2.3.0 - Mend

sandbox 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/{app-BNIol84k.mjs → app-CTYU83uM.mjs} +53 -54
package/dist/app-CTYU83uM.mjs.map +1 -0
package/dist/index.mjs +1 -1
package/dist/pty-server-linux-x86_64 +0 -0
package/dist/sandbox.mjs +1 -1
package/package.json +3 -3
package/dist/app-BNIol84k.mjs.map +0 -1

package/dist/{app-BNIol84k.mjs → app-CTYU83uM.mjs} RENAMED Viewed

@@ -7292,7 +7292,7 @@ const scope = {
 //#endregion
 //#region package.json
-var version = "2.2.0";
+var version = "2.3.0";
 //#endregion
 //#region src/error.ts
@@ -11524,45 +11524,32 @@ init_source();
 const networkPolicyMode = import_cjs$12.extendType(import_cjs$12.string, {
 	displayName: "MODE",
 	async from(value) {
-		const validModes = [
-			"internet-access",
-			"no-access",
-			"restricted"
-		];
+		const validModes = ["allow-all", "deny-all"];
 		if (!validModes.includes(value)) throw new Error([`Invalid network policy mode: ${value}.`, `${source_default.bold("hint:")} Valid modes are: ${validModes.join(", ")}`].join("\n"));
 		return value;
 	}
 });
 const networkPolicy = import_cjs$12.option({
 	long: "network-policy",
-	description: `Network policy mode: "internet-access", "no-access", or "restricted"
-internet-access: sandbox can access any website/domain
-no-access: sandbox has no network access
-restricted: sandbox can only access websites and domains explicitly allowed`,
+	description: `Network policy mode: "allow-all" or "deny-all"
+      - allow-all: sandbox can access any website/domain
+      - deny-all: sandbox has no network access
+    Omit this option and use --allowed-domain / --allowed-cidr / --denied-cidr for custom policies.`,
 	type: import_cjs$12.optional(networkPolicyMode)
 });
 const allowedDomains = import_cjs$12.multioption({
 	long: "allowed-domain",
-	description: `Domain to allow traffic to (requires --network-policy=restricted)
-Supports "*" for wildcards for a segment (e.g. '*.vercel.com', 'www.*.com')
-If used as the first segment, will match any subdomain.`,
+	description: `Domain to allow traffic to (creates a custom network policy). Supports "*" for wildcards for a segment (e.g. '*.vercel.com', 'www.*.com'). If used as the first segment, will match any subdomain.`,
 	type: import_cjs$12.array(import_cjs$12.string)
 });
 const allowedCIDRs = import_cjs$12.multioption({
 	long: "allowed-cidr",
-	description: `CIDR to allow traffic to (requires --network-policy=restricted)
-Takes precedence over 'allowed-domain'.
-`,
+	description: `CIDR to allow traffic to (creates a custom network policy). Takes precedence over 'allowed-domain'.`,
 	type: import_cjs$12.array(import_cjs$12.string)
 });
 const deniedCIDRs = import_cjs$12.multioption({
 	long: "denied-cidr",
-	description: `CIDR to deny traffic to (requires --network-policy=restricted)
-Takes precedence over allowed domains/CIDRs.`,
+	description: `CIDR to deny traffic to (creates a custom network policy). Takes precedence over allowed domains/CIDRs.`,
 	type: import_cjs$12.array(import_cjs$12.string)
 });
 const networkPolicyArgs = {
@@ -11576,24 +11563,28 @@ const networkPolicyArgs = {
 //#region src/util/network-policy.ts
 init_source();
 /**
-* Builds a NetworkPolicy from CLI arguments (optional mode for create).
+* Resolves the network policy mode from --network-policy and --mode flags.
+* Errors if both are provided with conflicting values.
+*/
+function resolveMode(networkPolicy$1, mode) {
+	if (networkPolicy$1 && mode && networkPolicy$1 !== mode) throw new Error([`Conflicting network policy modes: --network-policy=${networkPolicy$1} and --mode=${mode}.`, `${source_default.bold("hint:")} Use only one of --network-policy or --mode.`].join("\n"));
+	return networkPolicy$1 ?? mode;
+}
+/**
+* Builds a NetworkPolicy from CLI arguments.
 */
 function buildNetworkPolicy(args$4) {
 	const { networkPolicy: networkPolicy$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 } = args$4;
-	if (!networkPolicy$1 || networkPolicy$1 !== "restricted") {
-		if (allowedDomains$1.length > 0 || allowedCIDRs$1.length > 0 || deniedCIDRs$1.length > 0) throw new Error(["Network policy options require --network-policy to be set to restricted.", `${source_default.bold("hint:")} Use --network-policy=restricted to allow/deny specific domains or CIDRs.`].join("\n"));
-	}
-	switch (networkPolicy$1) {
-		case void 0:
-		case "internet-access": return { type: "internet-access" };
-		case "no-access": return { type: "no-access" };
-		case "restricted": return {
-			type: "restricted",
-			allowedDomains: allowedDomains$1.length > 0 ? allowedDomains$1 : void 0,
-			allowedCIDRs: allowedCIDRs$1.length > 0 ? allowedCIDRs$1 : void 0,
-			deniedCIDRs: deniedCIDRs$1.length > 0 ? deniedCIDRs$1 : void 0
-		};
-	}
+	const hasListOptions = allowedDomains$1.length > 0 || allowedCIDRs$1.length > 0 || deniedCIDRs$1.length > 0;
+	if (networkPolicy$1 && hasListOptions) throw new Error([`Cannot combine --network-policy=${networkPolicy$1} with --allowed-domain, --allowed-cidr, or --denied-cidr.`, `${source_default.bold("hint:")} Use --allowed-domain / --allowed-cidr / --denied-cidr without --network-policy for custom policies.`].join("\n"));
+	if (hasListOptions) return {
+		...allowedDomains$1.length > 0 && { allow: allowedDomains$1 },
+		...(allowedCIDRs$1.length > 0 || deniedCIDRs$1.length > 0) && { subnets: {
+			...allowedCIDRs$1.length > 0 && { allow: allowedCIDRs$1 },
+			...deniedCIDRs$1.length > 0 && { deny: deniedCIDRs$1 }
+		} }
+	};
+	return networkPolicy$1 ?? "allow-all";
 }
 //#endregion
@@ -11794,7 +11785,7 @@ const list = import_cjs$9.command({
 				ID: { value: (s$1) => s$1.id },
 				STATUS: {
 					value: (s$1) => s$1.status,
-					color: (s$1) => SandboxStatusColor.get(s$1.status) ?? source_default.reset
+					color: (s$1) => SandboxStatusColor[s$1.status] ?? source_default.reset
 				},
 				CREATED: { value: (s$1) => timeAgo(s$1.createdAt) },
 				MEMORY: { value: (s$1) => memoryFormatter.format(s$1.memory) },
@@ -11806,13 +11797,15 @@ const list = import_cjs$9.command({
 		}));
 	}
 });
-const SandboxStatusColor = new Map([
-	["running", source_default.cyan],
-	["failed", source_default.red],
-	["stopped", source_default.gray.dim],
-	["stopping", source_default.gray],
-	["pending", source_default.magenta]
-]);
+const SandboxStatusColor = {
+	"running": source_default.cyan,
+	"failed": source_default.red,
+	"stopped": source_default.gray.dim,
+	"stopping": source_default.gray,
+	"pending": source_default.magenta,
+	"snapshotting": source_default.blue,
+	"aborted": source_default.gray.dim
+};
 //#endregion
 //#region src/commands/connect.ts
@@ -14443,16 +14436,21 @@ var import_cjs$1 = /* @__PURE__ */ __toESM(require_cjs());
 init_source();
 const networkPolicyCommand = import_cjs$1.command({
 	name: "network-policy",
-	description: `Update the network policy of a sandbox
-This is a full update, fully overriding the pre-existing configuration.`,
+	description: `Update the network policy of a sandbox.
+  This will fully override the previous configuration.`,
 	args: {
 		scope,
 		sandbox: import_cjs$1.positional({ type: sandboxId }),
-		...networkPolicyArgs
+		...networkPolicyArgs,
+		mode: import_cjs$1.option({
+			long: "mode",
+			description: `Alias for --network-policy.`,
+			type: import_cjs$1.optional(networkPolicyMode)
+		})
 	},
-	async handler({ scope: { token: token$1, team: team$1, project: project$1 }, sandbox: sandboxId$1, networkPolicy: networkPolicyMode$1, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 }) {
-		if (networkPolicyMode$1 === void 0) throw new Error(`Network policy mode must be set.`);
+	async handler({ scope: { token: token$1, team: team$1, project: project$1 }, sandbox: sandboxId$1, networkPolicy: networkPolicyFlag, mode: modeFlag, allowedDomains: allowedDomains$1, allowedCIDRs: allowedCIDRs$1, deniedCIDRs: deniedCIDRs$1 }) {
+		const networkPolicyMode$1 = resolveMode(networkPolicyFlag, modeFlag);
+		if (networkPolicyMode$1 === void 0 && allowedDomains$1.length === 0 && allowedCIDRs$1.length === 0 && deniedCIDRs$1.length === 0) throw new Error(`Network policy mode or custom rules must be set.`);
 		const networkPolicy$1 = buildNetworkPolicy({
 			networkPolicy: networkPolicyMode$1,
 			allowedDomains: allowedDomains$1,
@@ -14477,10 +14475,11 @@ This is a full update, fully overriding the pre-existing configuration.`,
 		}
 		const spinner = ora("Updating network policy...").start();
 		try {
-			await sandbox.updateNetworkPolicy(networkPolicy$1);
+			const response = await sandbox.updateNetworkPolicy(networkPolicy$1);
 			spinner.stop();
 			process.stderr.write("✅ Network policy updated for sandbox " + source_default.cyan(sandbox.sandboxId) + "\n");
-			process.stderr.write(source_default.dim("   ╰ ") + "mode: " + source_default.cyan(networkPolicy$1.type) + "\n");
+			const mode = typeof response === "string" ? response : "restricted";
+			process.stderr.write(source_default.dim("   ╰ ") + "mode: " + source_default.cyan(mode) + "\n");
 		} catch (error) {
 			spinner.stop();
 			throw error;
@@ -14520,4 +14519,4 @@ const app = (opts) => (0, import_cjs.subcommands)({
 //#endregion
 export { StyledError as n, require_cjs as r, app as t };
-//# sourceMappingURL=app-BNIol84k.mjs.map
+//# sourceMappingURL=app-CTYU83uM.mjs.map