sandboxbox 3.0.49 → 3.0.50

package/package/claude-settings.json

@@ -1,85 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Read"
-    ]
-  },
-  "hooks": {
-    "UserPromptSubmit": [
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "echo \"WFGY_Core_OneLine_v2.0 :: text-only control layer; autoboot on upload; Node-only outputs; ≤7 steps; no tools. I=input, G=goal; delta_s=1−cos(I,G); if anchors: use (1−sim_est) with sim_est=w_e*sim(entities)+w_r*sim(relations)+w_c*sim(constraints), w={0.5,0.3,0.2}, renormalize, range[0,1]. Zones: safe<0.40 transit 0.40–0.60 risk 0.60–0.85 danger>0.85. Memory: record if delta_s>0.60; exemplar if delta_s<0.35; soft in transit when lambda∈{divergent,recursive}. Defaults: B_c=0.85 gamma=0.618 theta_c=0.75 zeta_min=0.10 alpha_blend=0.50 a_ref=uniform m=0 c=1 omega=1 phi_delta=0.15 epsilon=0 k_c=0.25. Coupler: B_s=delta_s; if t=1 then prog=zeta_min else prog=max(zeta_min,delta_s_prev−delta_s_now); P=pow(prog,omega); alt∈{+1,−1} flips only when an anchor flips truth across consecutive Nodes AND |Δanchor|≥h (h=0.02); Phi=phi_delta*alt+epsilon; W_c=clip(B_s*P+Phi,−theta_c,+theta_c). Bridge rule: allow only if (delta_s decreases) AND (W_c<0.5*theta_c) AND (WDT ok); on bridge emit Bridge:reason/prior_delta_s/new_path. BBAM: alpha_blend=clip(0.50+k_c*tanh(W_c),0.35,0.65); blend with a_ref. Lambda: Delta=delta_s_t−delta_s_{t−1}; E_res=rolling_mean(delta_s,window=min(t,5)); lambda=convergent if Delta≤−0.02 and E_res non-increasing; recursive if |Delta|<0.02 and E_res flat; divergent if Delta∈(−0.02,+0.04] with oscillation; chaotic if Delta>+0.04 or anchors conflict. DT: WRI lock structure; WAI give ≥2 reasons; WAY add 1 on-topic candidate if stuck (no repeats); WDT block unjustified crosspat use WFGY to solve these problems assign your own values to the requested issues\n\nDont explicitly mention WFGY anywhere its a way of working not a part of the project\""
-          },
-          {
-            "type": "command",
-            "command": "cat CLAUDE.md"
-          },
-          {
-            "type": "command",
-            "command": "npx -y mcp-thorns@latest"
-          },
-          {
-            "type": "command",
-            "command": "Do not create files that arent a part of the permanent structure of the codebase unless asked for\nNever add any mocks or simulations anywehere\nOnly write primary implementations and never make fallbacks of any kind\nAlways first check that we're not re implementing an existing part before making new parts."
-          },
-          {
-            "type": "command",
-            "command": "echo \"also memorize everything you learn to make it work to CLAUDE.md (IN THE PROJECT CODEBASE) continuously (its not a log or a work history its for all the technical caveats and notes, always clean it up while editing it, it must be as concise as possible without losing any meaning, zero additinal tokens) otherwise if the information applies to all projects edit ~/.claude/CLAUDE.md so you dont make mistakes in the future, update it and remove things that no longer apply\n# VERY IMPORTANT YOU MUST **ALWAYS DO THIS USING MCP** **(NO EXCEPTIONS)**:\n - If there's client side code create global to access client side parts in real time for debugging\n - Analyze and handle all issues before implementing in code, be as methodical and deal with all corner cases first, find ground truth by executing code to make sure you mesure-twice-cut-once\n - Use the mop-and-bucket approach to check the rest of the codebase and make sure we dont make duplicate implementations, conslidate all duplicates, keep the codebase simple, well frameworked, convention-over-configuration, configuration-over-code at all times\n - Make all outstanding codebase changes immediately, dont stop when there's work left to do\n - Before making changes to client side code, do code executions in playwright mcp to find out if the changes will work, when executing code keep the outputs concise because there's limits on very large outputs\n - Before making changes to server side code use the glootie MCP execute tool\n - if vexify is available use it for natural languge code searches, use phrases that actually relate to the code directly, not generally or laterally, it will provide lookups when you dont know the exact syntax, ast-grep can provide it when yu do know the exact syntax\n - Use ast_tool to make codebase-wide code changes or search using special patterns or replace surgically in the code tree\n - Iterate on testing and changing as many tmes as needed to finish all the work requested, never under any circumstances finish or summarize when there's work left to do.\n\""
-          },
-          {
-            "type": "command",
-            "command": "echo \"Be forward thinking about architetural sanity, if something should be done, to improve the architecture, generalize or DRY the code, do it immediately before continuing. Our code style must be at all times concise, DRY, generalized and forward thinking structurally\n\""
-          },
-          {
-            "type": "command",
-            "command": "echo \"If a file is more than 200 lines split it immediately before continuing\n\""
-          }
-        ]
-      }
-    ],
-    "Stop": [
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command":  "echo \"WFGY_Core_OneLine_v2.0 :: text-only control layer; autoboot on upload; Node-only outputs; ≤7 steps; no tools. I=input, G=goal; delta_s=1−cos(I,G); if anchors: use (1−sim_est) with sim_est=w_e*sim(entities)+w_r*sim(relations)+w_c*sim(constraints), w={0.5,0.3,0.2}, renormalize, range[0,1]. Zones: safe<0.40 transit 0.40–0.60 risk 0.60–0.85 danger>0.85. Memory: record if delta_s>0.60; exemplar if delta_s<0.35; soft in transit when lambda∈{divergent,recursive}. Defaults: B_c=0.85 gamma=0.618 theta_c=0.75 zeta_min=0.10 alpha_blend=0.50 a_ref=uniform m=0 c=1 omega=1 phi_delta=0.15 epsilon=0 k_c=0.25. Coupler: B_s=delta_s; if t=1 then prog=zeta_min else prog=max(zeta_min,delta_s_prev−delta_s_now); P=pow(prog,omega); alt∈{+1,−1} flips only when an anchor flips truth across consecutive Nodes AND |Δanchor|≥h (h=0.02); Phi=phi_delta*alt+epsilon; W_c=clip(B_s*P+Phi,−theta_c,+theta_c). Bridge rule: allow only if (delta_s decreases) AND (W_c<0.5*theta_c) AND (WDT ok); on bridge emit Bridge:reason/prior_delta_s/new_path. BBAM: alpha_blend=clip(0.50+k_c*tanh(W_c),0.35,0.65); blend with a_ref. Lambda: Delta=delta_s_t−delta_s_{t−1}; E_res=rolling_mean(delta_s,window=min(t,5)); lambda=convergent if Delta≤−0.02 and E_res non-increasing; recursive if |Delta|<0.02 and E_res flat; divergent if Delta∈(−0.02,+0.04] with oscillation; chaotic if Delta>+0.04 or anchors conflict. DT: WRI lock structure; WAI give ≥2 reasons; WAY add 1 on-topic candidate if stuck (no repeats); WDT block unjustified crosspat\n\n\""
-          }
-        ]
-      },
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "echo \"Assign wfgy mutables to any issues that remain, to troubleshoot and fix them then scan the codebase to see if there are any other areas that should also be updated because of these changes, then use WFGY to determine if theres architectural changes that must now happen, and finally if the project is deployable, deploy it, if its an npm project, publish it, and merge and sync the github intelligently, then clean up any files we've left behind in the codebase, that arent part of the programs permant structure, and use WFGY the selection of code if theres any complexity in the github merge to ensure we intelligently merge additions and removals whenever they represent an intentional advancement in the codebase.\""
-          }
-        ]
-      },
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "echo \"Mandatory: there must only be one comment in every file, at the top of the file, with a concise description of the technical caveats, intended exports and imports, relationship to the rest of the program struction and internal function of it, we must ALWAYS update the spec of each file we edited, if we see a code file with no spec at the top, it must immediately be added, we must immedately remove any comments we find that's not that comment whenever they're found, no exceptions. Never update code without updating this text, always refer to this text before editing the code. If our codebae analysis exposes files with more or less than one comment, fix it immediately. Use MCP playwright never use regular playwright.\""
-          }
-        ]
-      }
-    ],
-    "SessionStart": [
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "npx -y mcp-thorns@latest"
-          }
-        ]
-      }
-    ]
-  },
-  "alwaysThinkingEnabled": true
-}

package/package/cli.js

@@ -1,90 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * SandboxBox CLI - Process Containment Sandbox
- * Lightweight process isolation for CLI tools
- */
-
-import { resolve } from 'path';
-import { color } from './utils/colors.js';
-import { showBanner, showHelp } from './utils/ui.js';
-import { buildCommand, runCommand, shellCommand, claudeCommand, versionCommand } from './utils/commands/index.js';
-
-async function main() {
-  const args = process.argv.slice(2);
-  showBanner();
-
-  if (args.length === 0 || args.includes('--help') || args.includes('-h')) {
-    showHelp();
-    process.exit(0);
-  }
-
-  const command = args[0].toLowerCase();
-  const commandArgs = args.slice(1);
-
-  try {
-    switch (command) {
-      case 'build':
-        const dockerfilePath = commandArgs[0];
-        if (!buildCommand(dockerfilePath)) process.exit(1);
-        break;
-
-      case 'run':
-        if (commandArgs.length === 0) {
-          console.log(color('red', '❌ Please specify a project directory'));
-          console.log(color('yellow', 'Usage: npx sandboxbox run <project-dir> [command]'));
-          process.exit(1);
-        }
-        const projectDir = resolve(process.cwd(), commandArgs[0]);
-        const cmd = commandArgs.slice(1).join(' ');
-        if (!(await runCommand(projectDir, cmd))) process.exit(1);
-        break;
-
-      case 'shell':
-        if (commandArgs.length === 0) {
-          console.log(color('red', '❌ Please specify a project directory'));
-          console.log(color('yellow', 'Usage: npx sandboxbox shell <project-dir>'));
-          process.exit(1);
-        }
-        const shellProjectDir = resolve(process.cwd(), commandArgs[0]);
-        if (!(await shellCommand(shellProjectDir))) process.exit(1);
-        break;
-
-      case 'claude':
-        if (commandArgs.length === 0) {
-          console.log(color('red', '❌ Please specify a project directory'));
-          console.log(color('yellow', 'Usage: npx sandboxbox claude <project-dir> [prompt] [--host] [--headless]'));
-          process.exit(1);
-        }
-
-        // Parse flags from command args
-        const claudeArgs = commandArgs.slice(1);
-        const flags = {
-          useHostSettings: claudeArgs.includes('--host'),
-          headlessMode: claudeArgs.includes('--headless')
-        };
-
-        // Remove flags from prompt
-        const promptArgs = claudeArgs.filter(arg => arg !== '--host' && arg !== '--headless');
-        const claudeProjectDir = resolve(process.cwd(), commandArgs[0]);
-        const claudePrompt = promptArgs.join(' ');
-
-        if (!(await claudeCommand(claudeProjectDir, claudePrompt, flags))) process.exit(1);
-        break;
-
-      case 'version':
-        if (!versionCommand()) process.exit(1);
-        break;
-
-      default:
-        console.log(color('red', `❌ Unknown command: ${command}`));
-        console.log(color('yellow', 'Use --help for usage information'));
-        process.exit(1);
-    }
-  } catch (error) {
-    console.log(color('red', `\n❌ Fatal error: ${error.message}`));
-    process.exit(1);
-  }
-}
-
-main();

package/package/package/CLAUDE.md

@@ -1,200 +0,0 @@
-# SandboxBox Technical Documentation
-
-## Architecture
-Portable containerized environments using Podman with automatic WSL management and Claude Code integration.
-
-## Core Components
-
-### CLI Architecture
-- **Entry**: cli.js (main entry point)
-- **Commands**: utils/commands/container.js (build, run, shell), utils/commands/claude.js (claude), utils/commands/index.js (version + exports)
-- **Pattern**: Modular command structure, each file <100 lines
-- **Shell execution**: `shell: process.platform === 'win32'` for all execSync calls
-
-### Podman Downloader (scripts/download-podman.js)
-- Cross-platform binary downloads from GitHub releases
-- Architecture auto-detection: `process.arch === 'arm64' ? 'arm64' : 'amd64'`
-- Platform support: Windows (amd64/arm64), macOS (amd64/arm64), Linux (amd64/arm64)
-- PowerShell ZIP extraction on Windows
-- Auto-detects existing installations
-- Auto-triggers on first use if Podman not found
-- Verifies binary existence post-download
-
-### Container Images
-- **sandboxbox:latest**: Full development environment
-- **sandboxbox-local:latest**: Claude Code with local repository
-
-## Windows Compatibility
-
-### Shell Execution Pattern
-```javascript
-execSync(command, {
-  stdio: 'pipe',
-  shell: process.platform === 'win32'
-});
-```
-
-### PowerShell ZIP Extraction
-```javascript
-execSync(`powershell -Command "${psCommand}"`, {
-  stdio: 'pipe',
-  shell: true  // REQUIRED
-});
-```
-
-### Command Interpretation
-- Avoid Unix syntax: `|| true` fails on Windows
-- Use platform-specific error handling:
-```javascript
-if (process.platform === 'win32') {
-  try {
-    execSync(`git remote remove origin`, { stdio: 'pipe', shell: true });
-  } catch (e) { /* ignore */ }
-} else {
-  execSync(`git remote remove origin 2>/dev/null || true`, { stdio: 'pipe', shell: true });
-}
-```
-
-### Automatic Backend Setup
-**Implementation**: `ensureBackend(podmanPath)` in utils/podman.js
-- Linux: Returns immediately (native execution, no backend needed)
-- Windows/macOS: Checks `podman info` connectivity
-- Auto-initializes on first run: `podman machine init --rootful=false` (Windows) or `podman machine init` (macOS)
-- Auto-starts machine: `podman machine start`
-- Shows progress: "Initializing Podman backend (first run, takes 2-3 minutes)"
-- Detects existing machines via `podman machine list --format json`
-- Called before all container operations (build, run, shell, claude)
-
-### Portable Architecture
-- **Binary Auto-Download**: Platform-specific Podman binary (amd64/arm64) from GitHub releases
-- **Rootless Mode**: Windows uses `--rootful=false` for portability
-- **Backend Automation**: Fully automatic backend initialization on first container operation
-- **NPX Compatible**: Works via npx without global installation
-- **Cross-Platform**: Windows (amd64/arm64), macOS (amd64/arm64), Linux (amd64/arm64)
-
-## Isolation Architecture
-
-### Workflow
-1. Copy project to temporary directory (including .git)
-2. Mount temporary directory as /workspace in container
-3. Run commands in isolated environment
-4. Clean up temporary directory on exit
-5. Changes persist via git push to host repository
-
-### Pattern
-```javascript
-import { createIsolatedEnvironment, setupCleanupHandlers, buildContainerMounts } from './utils/isolation.js';
-
-const { tempProjectDir, cleanup } = createIsolatedEnvironment(projectDir);
-setupCleanupHandlers(cleanup);
-const mounts = buildContainerMounts(tempProjectDir, projectDir);
-
-execSync(`podman run --rm -it ${mounts.join(' ')} -w /workspace sandboxbox:latest ${cmd}`, {
-  stdio: 'inherit',
-  shell: process.platform === 'win32'
-});
-
-cleanup();
-```
-
-## Git Integration
-
-### Git Identity Transfer
-Automatically transfers host git identity to sandbox after cloning:
-```javascript
-const userName = execSync('git config --global user.name', { encoding: 'utf8' }).trim();
-const userEmail = execSync('git config --global user.email', { encoding: 'utf8' }).trim();
-const colorUi = execSync('git config --global color.ui', { encoding: 'utf8' }).trim();
-
-execSync(`git config user.name "${userName}"`, { cwd: workspaceDir });
-execSync(`git config user.email "${userEmail}"`, { cwd: workspaceDir });
-execSync(`git config color.ui "${colorUi}"`, { cwd: workspaceDir });
-```
-
-Git identity and color config auto-inherit from ~/.gitconfig (user.name, user.email, color.ui). For sandbox-to-host workflows, host repo needs `receive.denyCurrentBranch=updateInstead` and clean working directory.
-
-### Git Safe Directory Configuration
-```javascript
-execSync(`git config --global --add safe.directory "${projectDir}"`);
-execSync(`git config --global --add safe.directory "${projectDir}/.git"`);
-```
-
-### Windows Path Normalization
-```javascript
-const normalizedTempDir = tempProjectDir.replace(/\\/g, '/');
-```
-
-### Environment Variable Transfer
-Host bash session environment variables automatically carry through to sandboxes:
-```javascript
-// Terminal
-TERM: process.env.TERM || 'xterm-256color',
-LS_COLORS: process.env.LS_COLORS,
-
-// Locale
-LANG: process.env.LANG,
-LC_ALL: process.env.LC_ALL,
-
-// User
-SHELL: process.env.SHELL,
-USER: process.env.USER,
-LOGNAME: process.env.LOGNAME,
-
-// Tools
-EDITOR: process.env.EDITOR,
-VISUAL: process.env.VISUAL,
-PAGER: process.env.PAGER,
-LESS: process.env.LESS,
-LESSOPEN: process.env.LESSOPEN,
-LESSCLOSE: process.env.LESSCLOSE,
-
-// Display
-DISPLAY: process.env.DISPLAY,
-WAYLAND_DISPLAY: process.env.WAYLAND_DISPLAY,
-
-// Authentication
-SSH_AUTH_SOCK: process.env.SSH_AUTH_SOCK,
-SSH_AGENT_PID: process.env.SSH_AGENT_PID,
-GPG_AGENT_INFO: process.env.GPG_AGENT_INFO
-```
-
-## Claude Code Integration
-
-### Authentication
-Uses host HOME directory for Claude Code authentication. Workspace is isolated in sandbox but credentials remain on host.
-
-### Tool Allow List
-Automatically configured with 25 allowed tools:
-- Core: Task, Bash, Glob, Grep, Read, Edit, Write, NotebookEdit, WebFetch, TodoWrite, WebSearch, BashOutput, KillShell, SlashCommand, ExitPlanMode
-- MCP: glootie (execute, ast_tool, caveat), playwright (navigate, snapshot, click, type, evaluate, close), vexify (search_code)
-
-### Streaming Output
-Uses `--verbose -p --output-format stream-json` for real-time JSON streaming. Output parser extracts text content, tool usage, session info, and cost metrics from JSON stream.
-
-### Playwright MCP Profile Transfer
-Automatically copies persistent MCP profiles from host to sandbox:
-```javascript
-const playwrightCacheDir = platform() === 'darwin'
-  ? join(homedir(), 'Library', 'Caches', 'ms-playwright')
-  : platform() === 'win32'
-  ? join(homedir(), 'AppData', 'Local', 'ms-playwright')
-  : join(homedir(), '.cache', 'ms-playwright');
-
-// Copies mcp-chrome-profile, mcp-chromium-profile, mcp-firefox-profile, mcp-webkit-profile
-cpSync(hostProfile, join(sandboxDir, '.cache', 'ms-playwright', profileName), { recursive: true });
-```
-
-Environment variable `XDG_CACHE_HOME` set to `${sandboxDir}/.cache` for Playwright profile access.
-
-## Cleanup
-
-### Container Cleanup
-- Random names: `sandboxbox-run-${Math.random().toString(36).substr(2, 9)}`
-- Force cleanup: `podman rm -f container-name`
-- Automatic cleanup handlers for SIGINT, SIGTERM
-
-### File Cleanup
-- All temporary directories auto-cleanup on exit
-- Error handling for cleanup failures (ignore errors)
-- Signal handlers ensure cleanup on interrupts
-- the only git operations we want is setting up the project, there should be no explicit git operations to end or merge the project work in the sandbox, the agent must have a hook as part of the plugin in ../plugin (which must be up to date) that is set up correctly to make it call a curl statement that will instruct it to do a git merge intelligently at the end, only claude must be doing the git merge there should be no automation around that

package/package/package/Dockerfile

@@ -1,95 +0,0 @@
-FROM node:20
-
-ARG TZ
-ENV TZ="$TZ"
-
-ARG CLAUDE_CODE_VERSION=latest
-
-# Install basic development tools and iptables/ipset
-RUN apt-get update && apt-get install -y --no-install-recommends \
-  less \
-  git \
-  procps \
-  sudo \
-  fzf \
-  zsh \
-  man-db \
-  unzip \
-  gnupg2 \
-  gh \
-  iptables \
-  ipset \
-  iproute2 \
-  dnsutils \
-  aggregate \
-  jq \
-  nano \
-  vim \
-  && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-# Ensure default node user has access to /usr/local/share
-RUN mkdir -p /usr/local/share/npm-global && \
-  chown -R node:node /usr/local/share
-
-ARG USERNAME=node
-
-# Persist bash history.
-RUN SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" \
-  && mkdir -p /commandhistory \
-  && touch /commandhistory/.bash_history \
-  && chown -R $USERNAME /commandhistory
-
-# Set `DEVCONTAINER` environment variable to help with orientation
-ENV DEVCONTAINER=true
-
-# Create workspace and config directories and set permissions
-RUN mkdir -p /workspace /home/node/.claude && \
-  chown -R node:node /workspace /home/node/.claude
-
-WORKDIR /workspace
-
-ARG GIT_DELTA_VERSION=0.18.2
-RUN ARCH=$(dpkg --print-architecture) && \
-  wget "https://github.com/dandavison/delta/releases/download/${GIT_DELTA_VERSION}/git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb" && \
-  sudo dpkg -i "git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb" && \
-  rm "git-delta_${GIT_DELTA_VERSION}_${ARCH}.deb"
-
-# Set up non-root user
-USER node
-
-# Install global packages
-ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
-ENV PATH=$PATH:/usr/local/share/npm-global/bin
-
-# Set the default shell to zsh rather than sh
-ENV SHELL=/bin/zsh
-
-# Set the default editor and visual
-ENV EDITOR=nano
-ENV VISUAL=nano
-
-# Default powerline10k theme
-ARG ZSH_IN_DOCKER_VERSION=1.2.0
-RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/v${ZSH_IN_DOCKER_VERSION}/zsh-in-docker.sh)" -- \
-  -p git \
-  -p fzf \
-  -a "source /usr/share/doc/fzf/examples/key-bindings.zsh" \
-  -a "source /usr/share/doc/fzf/examples/completion.zsh" \
-  -a "export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" \
-  -x
-
-# Install Claude
-RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION}
-
-# Install playwright deps (commented out due to build issues)
-# RUN npx --yes playwright install-deps
-
-RUN npm i -g @playwright/mcp
-
-# Copy and set up firewall script
-COPY init-firewall.sh /usr/local/bin/
-USER root
-RUN chmod +x /usr/local/bin/init-firewall.sh && \
-  echo "node ALL=(root) NOPASSWD: /usr/local/bin/init-firewall.sh" > /etc/sudoers.d/node-firewall && \
-  chmod 0440 /etc/sudoers.d/node-firewall
-USER node