sandboxbox 1.2.2 โ†’ 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/README.md +180 -99
  2. package/cli.js +125 -162
  3. package/package.json +11 -12
  4. package/BUBBLEWRAP-REALITY.md +0 -210
  5. package/Dockerfile.test +0 -16
  6. package/USAGE.md +0 -111
  7. package/bin/bwrap +0 -0
  8. package/build-final.log +0 -2217
  9. package/build-output.log +0 -289
  10. package/complete-build.log +0 -231
  11. package/container.js +0 -847
  12. package/debug-cli.js +0 -15
  13. package/final-build.log +0 -268
  14. package/final-complete-build.log +0 -240
  15. package/full-build.log +0 -234
  16. package/init-firewall.sh +0 -36
  17. package/lib/bubblewrap.js +0 -203
  18. package/npm-build-test.log +0 -410
  19. package/playwright.sh +0 -183
  20. package/run.sh +0 -12
  21. package/sandboxbox-sandbox/build.sh +0 -83
  22. package/scripts/build.js +0 -303
  23. package/scripts/download-bubblewrap.js +0 -186
  24. package/test-cli.js +0 -72
  25. package/test-project/Dockerfile.sandboxbox +0 -20
package/full-build.log DELETED
@@ -1,234 +0,0 @@
1
- ๐Ÿ“ฆ SandboxBox - Zero-Privilege Container Runner
2
- โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•โ•
3
-
4
- ๐Ÿ—๏ธ Building container...
5
- โœ… Using bundled bubblewrap
6
- โœ… Bubblewrap found: bubblewrap 0.9.0
7
- โš ๏ธ User namespaces not available
8
-  Try: sudo sysctl kernel.unprivileged_userns_clone=1
9
-  Or: echo 1 | sudo tee /proc/sys/kernel/unprivileged_userns_clone
10
- โœ… Using bundled bubblewrap
11
- ๐Ÿณ Building container with bubblewrap isolation...
12
-
13
- ๐Ÿ“ฆ FROM node:20
14
- โš ๏ธ Unknown base image type
15
-
16
- ๐Ÿ—๏ธ ARG TZ
17
-
18
- ๐Ÿ”ง ENV TZ="$TZ"
19
-
20
- ๐Ÿ—๏ธ ARG CLAUDE_CODE_VERSION=latest
21
-
22
- โš™๏ธ RUN apt-get update && apt-get install -y --no-install-recommends less gi...
23
- โš™๏ธ RUN mkdir -p /usr/local/share/npm-global && chown -R node:node /usr/local...
24
- ๐Ÿ—๏ธ ARG USERNAME=node
25
-
26
- โš™๏ธ RUN SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/comman...
27
- ๐Ÿ”ง ENV DEVCONTAINER=true
28
-
29
- โš™๏ธ RUN mkdir -p /workspace /home/node/.claude && chown -R node:node /workspa...
30
- ๐Ÿ“ WORKDIR workspace
31
-
32
- ๐Ÿ—๏ธ ARG GIT_DELTA_VERSION=0.18.2
33
-
34
- โš™๏ธ RUN ARCH=$(dpkg --print-architecture) && wget "https://github.com/dandavi...
35
- ๐Ÿ‘ค USER node
36
-
37
- ๐Ÿ”ง ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
38
-
39
- ๐Ÿ”ง ENV PATH=$PATH:/usr/local/share/npm-global/bin
40
-
41
- ๐Ÿ”ง ENV SHELL=/bin/zsh
42
-
43
- ๐Ÿ”ง ENV EDITOR=nano
44
-
45
- ๐Ÿ”ง ENV VISUAL=nano
46
-
47
- ๐Ÿ—๏ธ ARG ZSH_IN_DOCKER_VERSION=1.2.0
48
-
49
- โš™๏ธ RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/dow...
50
- โš™๏ธ RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION}
51
- โš™๏ธ RUN npx --yes playwright install-deps
52
- โš™๏ธ RUN npm i -g @playwright/mcp
53
- ๐Ÿ“‹ COPY init-firewall.sh /usr/local/bin/
54
- โš ๏ธ COPY/ADD commands must be run in project directory
55
-
56
- ๐Ÿ‘ค USER root
57
-
58
- โš™๏ธ RUN chmod +x /usr/local/bin/init-firewall.sh && echo "node ALL=(root) NOP...
59
- ๐Ÿ‘ค USER node
60
-
61
- ๐Ÿ“ Creating build script...
62
-
63
- โœ… Build script created: sandboxbox-sandbox/build.sh
64
-
65
- ๐Ÿš€ Executing build commands...
66
-
67
- โš ๏ธ Note: Commands will run on host system (Docker-free mode)
68
-
69
- โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€
70
-
71
-
72
- ๐Ÿ“ [1/10] apt-get update && apt-get install -y --no-install-recommends less git procps ...
73
- ๐Ÿ” Running with sudo (requires root privileges)
74
- Get:1 http://ports.ubuntu.com/ubuntu-ports noble InRelease [256 kB]
75
- Get:2 http://ports.ubuntu.com/ubuntu-ports noble-updates InRelease [126 kB]
76
- Get:3 http://ports.ubuntu.com/ubuntu-ports noble-security InRelease [126 kB]
77
- Get:4 http://ports.ubuntu.com/ubuntu-ports noble/main Sources [1,713 kB]
78
- Get:5 http://ports.ubuntu.com/ubuntu-ports noble/restricted Sources [21.8 kB]
79
- Get:6 http://ports.ubuntu.com/ubuntu-ports noble/universe Sources [24.3 MB]
80
- Get:7 http://ports.ubuntu.com/ubuntu-ports noble/multiverse Sources [355 kB]
81
- Get:8 http://ports.ubuntu.com/ubuntu-ports noble/main arm64 Packages [1,776 kB]
82
- Get:9 http://ports.ubuntu.com/ubuntu-ports noble/multiverse arm64 Packages [274 kB]
83
- Get:10 http://ports.ubuntu.com/ubuntu-ports noble/restricted arm64 Packages [113 kB]
84
- Get:11 http://ports.ubuntu.com/ubuntu-ports noble/universe arm64 Packages [19.0 MB]
85
- Get:12 http://ports.ubuntu.com/ubuntu-ports noble-updates/multiverse Sources [28.1 kB]
86
- Get:13 http://ports.ubuntu.com/ubuntu-ports noble-updates/universe Sources [633 kB]
87
- Get:14 http://ports.ubuntu.com/ubuntu-ports noble-updates/restricted Sources [70.8 kB]
88
- Get:15 http://ports.ubuntu.com/ubuntu-ports noble-updates/main Sources [583 kB]
89
- Get:16 http://ports.ubuntu.com/ubuntu-ports noble-updates/multiverse arm64 Packages [36.9 kB]
90
- Get:17 http://ports.ubuntu.com/ubuntu-ports noble-updates/universe arm64 Packages [1,849 kB]
91
- Get:18 http://ports.ubuntu.com/ubuntu-ports noble-updates/main arm64 Packages [1,969 kB]
92
- Get:19 http://ports.ubuntu.com/ubuntu-ports noble-updates/restricted arm64 Packages [3,560 kB]
93
- Get:20 http://ports.ubuntu.com/ubuntu-ports noble-security/main Sources [253 kB]
94
- Get:21 http://ports.ubuntu.com/ubuntu-ports noble-security/multiverse Sources [21.3 kB]
95
- Get:22 http://ports.ubuntu.com/ubuntu-ports noble-security/restricted Sources [64.7 kB]
96
- Get:23 http://ports.ubuntu.com/ubuntu-ports noble-security/universe Sources [408 kB]
97
- Get:24 http://ports.ubuntu.com/ubuntu-ports noble-security/multiverse arm64 Packages [35.8 kB]
98
- Get:25 http://ports.ubuntu.com/ubuntu-ports noble-security/restricted arm64 Packages [3,435 kB]
99
- Get:26 http://ports.ubuntu.com/ubuntu-ports noble-security/universe arm64 Packages [1,122 kB]
100
- Get:27 http://ports.ubuntu.com/ubuntu-ports noble-security/main arm64 Packages [1,624 kB]
101
- Fetched 63.8 MB in 11s (5,899 kB/s)
102
- Reading package lists...
103
- Reading package lists...
104
- Building dependency tree...
105
- Reading state information...
106
- less is already the newest version (590-2ubuntu2.1).
107
- git is already the newest version (1:2.43.0-1ubuntu7.3).
108
- procps is already the newest version (2:4.0.4-4ubuntu3.2).
109
- sudo is already the newest version (1.9.15p5-3ubuntu5.24.04.1).
110
- fzf is already the newest version (0.44.1-1ubuntu0.3).
111
- zsh is already the newest version (5.9-6ubuntu2).
112
- man-db is already the newest version (2.12.0-4build2).
113
- unzip is already the newest version (6.0-28ubuntu4.1).
114
- gnupg2 is already the newest version (2.4.4-2ubuntu17.3).
115
- gh is already the newest version (2.45.0-1ubuntu0.3).
116
- iptables is already the newest version (1.8.10-3ubuntu2).
117
- ipset is already the newest version (7.19-1ubuntu2).
118
- iproute2 is already the newest version (6.1.0-1ubuntu6.2).
119
- dnsutils is already the newest version (1:9.18.39-0ubuntu0.24.04.1).
120
- aggregate is already the newest version (1.6-7build1).
121
- jq is already the newest version (1.7.1-3ubuntu0.24.04.1).
122
- nano is already the newest version (7.2-2ubuntu0.1).
123
- vim is already the newest version (2:9.1.0016-1ubuntu7.9).
124
- 0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.
125
- โœ… Command 1 completed successfully
126
-
127
- ๐Ÿ“ [2/10] mkdir -p /usr/local/share/npm-global && chown -R node:node /usr/local/share
128
- ๐Ÿ” Running with sudo (requires root privileges)
129
- โœ… Command 2 completed successfully
130
-
131
- ๐Ÿ“ [3/10] SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/....
132
- ๐Ÿ” Running with sudo (requires root privileges)
133
- โœ… Command 3 completed successfully
134
-
135
- ๐Ÿ“ [4/10] mkdir -p /workspace /home/node/.claude && chown -R node:node /workspace /home/n...
136
- ๐Ÿ” Running with sudo (requires root privileges)
137
- โœ… Command 4 completed successfully
138
-
139
- ๐Ÿ“ [5/10] ARCH=$(dpkg --print-architecture) && wget "https://github.com/dandavison/delta/...
140
- --2025-10-09 18:31:56-- https://github.com/dandavison/delta/releases/download/0.18.2/git-delta_0.18.2_arm64.deb
141
- Resolving github.com (github.com)... 20.87.245.0
142
- Connecting to github.com (github.com)|20.87.245.0|:443... connected.
143
- HTTP request sent, awaiting response... 302 Found
144
- Location: https://release-assets.githubusercontent.com/github-production-release-asset/193526915/efd1d245-1d1e-4f19-ac99-0518bf31266d?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-10-09T19%3A19%3A51Z&rscd=attachment%3B+filename%3Dgit-delta_0.18.2_arm64.deb&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-10-09T18%3A19%3A38Z&ske=2025-10-09T19%3A19%3A51Z&sks=b&skv=2018-11-09&sig=wSSEOovq7e2nsvla8Wy3AD4txJ%2FUyt12xkkPIvASOLM%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc2MDAzNDkyNCwibmJmIjoxNzYwMDM0NjI0LCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.a4i5Y0160BTAu_nkE8pT86CFHfQiK4LwrvsirK3sVkE&response-content-disposition=attachment%3B%20filename%3Dgit-delta_0.18.2_arm64.deb&response-content-type=application%2Foctet-stream [following]
145
- --2025-10-09 18:31:56-- https://release-assets.githubusercontent.com/github-production-release-asset/193526915/efd1d245-1d1e-4f19-ac99-0518bf31266d?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-10-09T19%3A19%3A51Z&rscd=attachment%3B+filename%3Dgit-delta_0.18.2_arm64.deb&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-10-09T18%3A19%3A38Z&ske=2025-10-09T19%3A19%3A51Z&sks=b&skv=2018-11-09&sig=wSSEOovq7e2nsvla8Wy3AD4txJ%2FUyt12xkkPIvASOLM%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc2MDAzNDkyNCwibmJmIjoxNzYwMDM0NjI0LCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.a4i5Y0160BTAu_nkE8pT86CFHfQiK4LwrvsirK3sVkE&response-content-disposition=attachment%3B%20filename%3Dgit-delta_0.18.2_arm64.deb&response-content-type=application%2Foctet-stream
146
- Resolving release-assets.githubusercontent.com (release-assets.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.108.133, ...
147
- Connecting to release-assets.githubusercontent.com (release-assets.githubusercontent.com)|185.199.109.133|:443... connected.
148
- HTTP request sent, awaiting response... 200 OK
149
- Length: 2292336 (2.2M) [application/octet-stream]
150
- Saving to: โ€˜git-delta_0.18.2_arm64.debโ€™
151
-
152
- 0K .......... .......... .......... .......... .......... 2% 13.0M 0s
153
- 50K .......... .......... .......... .......... .......... 4% 30.5M 0s
154
- 100K .......... .......... .......... .......... .......... 6% 46.5M 0s
155
- 150K .......... .......... .......... .......... .......... 8% 63.5M 0s
156
- 200K .......... .......... .......... .......... .......... 11% 195M 0s
157
- 250K .......... .......... .......... .......... .......... 13% 26.0M 0s
158
- 300K .......... .......... .......... .......... .......... 15% 134M 0s
159
- 350K .......... .......... .......... .......... .......... 17% 39.6M 0s
160
- 400K .......... .......... .......... .......... .......... 20% 59.6M 0s
161
- 450K .......... .......... .......... .......... .......... 22% 116M 0s
162
- 500K .......... .......... .......... .......... .......... 24% 77.7M 0s
163
- 550K .......... .......... .......... .......... .......... 26% 369M 0s
164
- 600K .......... .......... .......... .......... .......... 29% 396M 0s
165
- 650K .......... .......... .......... .......... .......... 31% 188M 0s
166
- 700K .......... .......... .......... .......... .......... 33% 79.0M 0s
167
- 750K .......... .......... .......... .......... .......... 35% 334M 0s
168
- 800K .......... .......... .......... .......... .......... 37% 106M 0s
169
- 850K .......... .......... .......... .......... .......... 40% 463M 0s
170
- 900K .......... .......... .......... .......... .......... 42% 540M 0s
171
- 950K .......... .......... .......... .......... .......... 44% 62.6M 0s
172
- 1000K .......... .......... .......... .......... .......... 46% 519M 0s
173
- 1050K .......... .......... .......... .......... .......... 49% 534M 0s
174
- 1100K .......... .......... .......... .......... .......... 51% 543M 0s
175
- 1150K .......... .......... .......... .......... .......... 53% 513M 0s
176
- 1200K .......... .......... .......... .......... .......... 55% 424M 0s
177
- 1250K .......... .......... .......... .......... .......... 58% 539M 0s
178
- 1300K .......... .......... .......... .......... .......... 60% 559M 0s
179
- 1350K .......... .......... .......... .......... .......... 62% 153M 0s
180
- 1400K .......... .......... .......... .......... .......... 64% 358M 0s
181
- 1450K .......... .......... .......... .......... .......... 67% 539M 0s
182
- 1500K .......... .......... .......... .......... .......... 69% 550M 0s
183
- 1550K .......... .......... .......... .......... .......... 71% 404M 0s
184
- 1600K .......... .......... .......... .......... .......... 73% 541M 0s
185
- 1650K .......... .......... .......... .......... .......... 75% 105M 0s
186
- 1700K .......... .......... .......... .......... .......... 78% 467M 0s
187
- 1750K .......... .......... .......... .......... .......... 80% 511M 0s
188
- 1800K .......... .......... .......... .......... .......... 82% 523M 0s
189
- 1850K .......... .......... .......... .......... .......... 84% 565M 0s
190
- 1900K .......... .......... .......... .......... .......... 87% 496M 0s
191
- 1950K .......... .......... .......... .......... .......... 89% 415M 0s
192
- 2000K .......... .......... .......... .......... .......... 91% 536M 0s
193
- 2050K .......... .......... .......... .......... .......... 93% 403M 0s
194
- 2100K .......... .......... .......... .......... .......... 96% 454M 0s
195
- 2150K .......... .......... .......... .......... .......... 98% 403M 0s
196
- 2200K .......... .......... .......... ........ 100% 641M=0.02s
197
-
198
- 2025-10-09 18:31:56 (118 MB/s) - โ€˜git-delta_0.18.2_arm64.debโ€™ saved [2292336/2292336]
199
-
200
- (Reading database ... 23523 files and directories currently installed.)
201
- Preparing to unpack git-delta_0.18.2_arm64.deb ...
202
- Unpacking git-delta (0.18.2) over (0.18.2) ...
203
- Setting up git-delta (0.18.2) ...
204
- โœ… Command 5 completed successfully
205
-
206
- ๐Ÿ“ [6/10] sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v${Z...
207
- --2025-10-09 18:31:56-- https://github.com/deluan/zsh-in-docker/releases/download/v1.2.0/zsh-in-docker.sh
208
- Resolving github.com (github.com)... 20.87.245.0
209
- Connecting to github.com (github.com)|20.87.245.0|:443... connected.
210
- HTTP request sent, awaiting response... 302 Found
211
- Location: https://release-assets.githubusercontent.com/github-production-release-asset/207162804/8afe1b92-7364-41b9-9e24-1c704ccf220d?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-10-09T19%3A18%3A38Z&rscd=attachment%3B+filename%3Dzsh-in-docker.sh&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-10-09T18%3A17%3A39Z&ske=2025-10-09T19%3A18%3A38Z&sks=b&skv=2018-11-09&sig=uymHSHDf26tIi9rheQuEUARoScEXKEC9DIfao1H5X8o%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc2MDAzNDkyNSwibmJmIjoxNzYwMDM0NjI1LCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.lHr8IW9Y9ctEHUmvuB_Bo0RqZ44N1UwiGZlsQkHWMc8&response-content-disposition=attachment%3B%20filename%3Dzsh-in-docker.sh&response-content-type=application%2Foctet-stream [following]
212
- --2025-10-09 18:31:56-- https://release-assets.githubusercontent.com/github-production-release-asset/207162804/8afe1b92-7364-41b9-9e24-1c704ccf220d?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-10-09T19%3A18%3A38Z&rscd=attachment%3B+filename%3Dzsh-in-docker.sh&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-10-09T18%3A17%3A39Z&ske=2025-10-09T19%3A18%3A38Z&sks=b&skv=2018-11-09&sig=uymHSHDf26tIi9rheQuEUARoScEXKEC9DIfao1H5X8o%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc2MDAzNDkyNSwibmJmIjoxNzYwMDM0NjI1LCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.lHr8IW9Y9ctEHUmvuB_Bo0RqZ44N1UwiGZlsQkHWMc8&response-content-disposition=attachment%3B%20filename%3Dzsh-in-docker.sh&response-content-type=application%2Foctet-stream
213
- Resolving release-assets.githubusercontent.com (release-assets.githubusercontent.com)... 185.199.108.133, 185.199.110.133, 185.199.111.133, ...
214
- Connecting to release-assets.githubusercontent.com (release-assets.githubusercontent.com)|185.199.108.133|:443... connected.
215
- HTTP request sent, awaiting response... 200 OK
216
- Length: 5426 (5.3K) [application/octet-stream]
217
- Saving to: โ€˜STDOUTโ€™
218
-
219
- 0K ..... 100% 91.6M=0s
220
-
221
- 2025-10-09 18:31:56 (91.6 MB/s) - written to stdout [5426/5426]
222
-
223
-
224
- Installing Oh-My-Zsh with:
225
- THEME = default
226
- PLUGINS = git fzf
227
-
228
- fatal: destination path '/config/.oh-my-zsh/custom/themes/powerlevel10k' already exists and is not an empty directory.
229
- โŒ Command 6 failed: Command failed: sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v${ZSH_IN_DOCKER_VERSION}/zsh-in-docker.sh)" -- -p git -p fzf -a "source /usr/share/doc/fzf/examples/key-bindings.zsh" -a "source /usr/share/doc/fzf/examples/completion.zsh" -a "export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" -x
230
-
231
- โš ๏ธ Build failed at command 6/10
232
- ๐Ÿ“ Partial build script available at: sandboxbox-sandbox/build.sh
233
- โŒ Error: Build failed: Command failed: sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v${ZSH_IN_DOCKER_VERSION}/zsh-in-docker.sh)" -- -p git -p fzf -a "source /usr/share/doc/fzf/examples/key-bindings.zsh" -a "source /usr/share/doc/fzf/examples/completion.zsh" -a "export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" -x
234
- โŒ Command failed: Command failed: node "./container.js" build ./Dockerfile
package/init-firewall.sh DELETED
@@ -1,36 +0,0 @@
1
- #!/bin/bash
2
- # Firewall initialization script for container networking
3
- # This script sets up basic firewall rules for container isolation
4
-
5
- set -e
6
-
7
- echo "Initializing firewall rules..."
8
-
9
- # Check if iptables is available
10
- if ! command -v iptables &> /dev/null; then
11
- echo "Error: iptables not found"
12
- exit 1
13
- fi
14
-
15
- # Allow established connections
16
- iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT || true
17
-
18
- # Allow loopback
19
- iptables -A INPUT -i lo -j ACCEPT || true
20
- iptables -A OUTPUT -o lo -j ACCEPT || true
21
-
22
- # Allow DNS
23
- iptables -A OUTPUT -p udp --dport 53 -j ACCEPT || true
24
- iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT || true
25
-
26
- # Allow HTTP/HTTPS outbound (for package downloads, etc)
27
- iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT || true
28
- iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT || true
29
-
30
- # Allow SSH outbound
31
- iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT || true
32
-
33
- # Allow git protocol
34
- iptables -A OUTPUT -p tcp --dport 9418 -j ACCEPT || true
35
-
36
- echo "Firewall rules initialized successfully"
package/lib/bubblewrap.js DELETED
@@ -1,203 +0,0 @@
1
- /**
2
- * Portable bubblewrap binary manager
3
- * Handles bundled, system, and downloaded bubblewrap binaries
4
- */
5
-
6
- import fs from 'fs';
7
- import path from 'path';
8
- import https from 'https';
9
- import { execSync } from 'child_process';
10
- import { fileURLToPath } from 'url';
11
- import { dirname } from 'path';
12
-
13
- const __filename = fileURLToPath(import.meta.url);
14
- const __dirname = dirname(__filename);
15
-
16
- export class BubblewrapManager {
17
- constructor() {
18
- this.bwrapPath = null;
19
- this.alpineRoot = path.join(
20
- process.env.HOME || process.env.USERPROFILE,
21
- '.cache',
22
- 'sandboxbox',
23
- 'alpine-root'
24
- );
25
- }
26
-
27
- /**
28
- * Find bubblewrap binary in this order:
29
- * 1. Bundled binary (downloaded during npm install)
30
- * 2. System binary
31
- * 3. Throw error with helpful message
32
- */
33
- findBubblewrap() {
34
- if (this.bwrapPath) {
35
- return this.bwrapPath;
36
- }
37
-
38
- // Try bundled binary first
39
- const bundledPath = path.join(__dirname, '..', 'bin', 'bwrap');
40
- if (fs.existsSync(bundledPath)) {
41
- try {
42
- // Test if it works
43
- execSync(`"${bundledPath}" --version`, { stdio: 'ignore' });
44
- this.bwrapPath = bundledPath;
45
- console.log('โœ… Using bundled bubblewrap');
46
- return this.bwrapPath;
47
- } catch (e) {
48
- console.log('โš ๏ธ Bundled bubblewrap not working, falling back to system...');
49
- }
50
- }
51
-
52
- // Try system binary
53
- try {
54
- const systemBwrap = execSync('which bwrap', { encoding: 'utf8' }).trim();
55
- if (systemBwrap && fs.existsSync(systemBwrap)) {
56
- execSync(`"${systemBwrap}" --version`, { stdio: 'ignore' });
57
- this.bwrapPath = systemBwrap;
58
- console.log('โœ… Using system bubblewrap');
59
- return this.bwrapPath;
60
- }
61
- } catch (e) {
62
- // System bwrap not available
63
- }
64
-
65
- // No bubblewrap found
66
- throw new Error(`
67
- โŒ Bubblewrap not found!
68
-
69
- ๐Ÿ’ก Easy fixes:
70
- 1. Reinstall SandboxBox: npm uninstall sandboxbox && npm install sandboxbox
71
- 2. Install system-wide: sudo apt-get install bubblewrap
72
- 3. Install manually: https://github.com/containers/bubblewrap
73
-
74
- ๐Ÿ“ฆ SandboxBox works on Linux only and requires bubblewrap for container isolation.
75
- `);
76
- }
77
-
78
- /**
79
- * Check if bubblewrap is available
80
- */
81
- isAvailable() {
82
- try {
83
- this.findBubblewrap();
84
- return true;
85
- } catch (e) {
86
- return false;
87
- }
88
- }
89
-
90
- /**
91
- * Get bubblewrap version
92
- */
93
- getVersion() {
94
- try {
95
- const bwrapPath = this.findBubblewrap();
96
- const version = execSync(`"${bwrapPath}" --version`, { encoding: 'utf8' });
97
- return version.trim();
98
- } catch (e) {
99
- return 'Unknown';
100
- }
101
- }
102
-
103
- /**
104
- * Check if user namespaces are available
105
- */
106
- checkUserNamespaces() {
107
- try {
108
- // Try to create a user namespace
109
- execSync('unshare -U true', { stdio: 'ignore' });
110
- return true;
111
- } catch (e) {
112
- return false;
113
- }
114
- }
115
-
116
- /**
117
- * Setup Alpine Linux rootfs if needed
118
- */
119
- async ensureAlpineRoot() {
120
- if (fs.existsSync(path.join(this.alpineRoot, 'bin', 'sh'))) {
121
- return; // Already set up
122
- }
123
-
124
- console.log('๐Ÿ”๏ธ Setting up Alpine Linux environment...');
125
-
126
- fs.mkdirSync(this.alpineRoot, { recursive: true });
127
-
128
- // Download Alpine minirootfs
129
- const alpineVersion = '3.20.2';
130
- const arch = process.arch === 'x64' ? 'x86_64' : process.arch;
131
- const tarball = `alpine-minirootfs-${alpineVersion}-${arch}.tar.gz`;
132
- const tarballPath = path.join(this.alpineRoot, tarball);
133
-
134
- console.log('๐Ÿ“ฅ Downloading Alpine Linux...');
135
- const url = `https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/${arch}/${tarball}`;
136
-
137
- await new Promise((resolve, reject) => {
138
- const file = fs.createWriteStream(tarballPath);
139
-
140
- https.get(url, (response) => {
141
- if (response.statusCode !== 200) {
142
- reject(new Error(`HTTP ${response.statusCode}`));
143
- return;
144
- }
145
-
146
- response.pipe(file);
147
-
148
- file.on('finish', () => {
149
- file.close();
150
- resolve();
151
- });
152
- }).on('error', reject);
153
- });
154
-
155
- // Extract Alpine
156
- console.log('๐Ÿ“ฆ Extracting Alpine rootfs...');
157
- execSync(`tar -xzf "${tarballPath}" -C "${this.alpineRoot}"`, { stdio: 'inherit' });
158
- fs.unlinkSync(tarballPath);
159
-
160
- // Install basic packages
161
- console.log('๐Ÿ”ง Installing Node.js and Chromium...');
162
- const bwrapPath = this.findBubblewrap();
163
-
164
- execSync(`
165
- "${bwrapPath}" \\
166
- --ro-bind "${this.alpineRoot}" / \\
167
- --proc /proc \\
168
- --dev /dev \\
169
- --tmpfs /tmp \\
170
- --share-net \\
171
- --die-with-parent \\
172
- /bin/sh -c "
173
- echo 'https://dl-cdn.alpinelinux.org/alpine/v3.20/main' > /etc/apk/repositories
174
- echo 'https://dl-cdn.alpinelinux.org/alpine/v3.20/community' >> /etc/apk/repositories
175
- apk update
176
- apk add --no-cache nodejs npm chromium nss freetype harfbuzz ttf-freefont xvfb mesa-gl libx11 libxrandr libxss
177
- echo 'โœ… Alpine setup complete'
178
- "
179
- `, { stdio: 'inherit' });
180
-
181
- console.log('โœ… Alpine Linux environment ready!');
182
- }
183
-
184
- /**
185
- * Get Alpine root path
186
- */
187
- getAlpineRoot() {
188
- return this.alpineRoot;
189
- }
190
-
191
- /**
192
- * Cleanup cached files
193
- */
194
- cleanup() {
195
- if (fs.existsSync(this.alpineRoot)) {
196
- fs.rmSync(this.alpineRoot, { recursive: true, force: true });
197
- console.log('๐Ÿงน Cleaned up Alpine cache');
198
- }
199
- }
200
- }
201
-
202
- // Export singleton instance
203
- export const bubblewrap = new BubblewrapManager();