sandboxbox 3.0.61 → 3.0.64

package/CHANGELOG.md

@@ -0,0 +1,24 @@
+# Changelog
+
+## [3.0.64] - 2025-10-27
+
+### Fixed
+- Console output now properly displays on new lines instead of appending to the same line
+- Claude Code conversational text output now ensures trailing newlines for proper formatting
+
+## [3.0.63] - 2025-10-27
+
+### Removed
+- Explicit MCP server configurations from sandboxbox-settings.json (now handled by Claude Code plugin)
+- Explicit hooks from sandboxbox-settings.json (now handled by Claude Code plugin)
+- Curl commands fetching external Git workflow guidelines from utils/commands/claude.js
+- MULTI_CONTAINER_TESTING_RESULTS.md (report file)
+- playwright.config.js (test configuration file)
+
+### Changed
+- Simplified prompt modification in claude command to remove external dependencies
+- Updated CLAUDE.md documentation to reflect architecture changes
+- Cleaned permissions in sandboxbox-settings.json to core operations only
+
+### Summary
+Cleaned up codebase by removing explicit hooks and MCP server configurations, delegating these to the Claude Code plugin for better separation of concerns and maintainability.

package/CLAUDE.md

@@ -164,9 +164,9 @@ GPG_AGENT_INFO: process.env.GPG_AGENT_INFO
 Uses host HOME directory for Claude Code authentication. Workspace is isolated in sandbox but credentials remain on host.
 
 ### Tool Allow List
-Automatically configured with 25 allowed tools:
+Automatically configured with core tools via command line flags:
 - Core: Task, Bash, Glob, Grep, Read, Edit, Write, NotebookEdit, WebFetch, TodoWrite, WebSearch, BashOutput, KillShell, SlashCommand, ExitPlanMode
-- MCP: glootie (execute, ast_tool, caveat), playwright (navigate, snapshot, click, type, evaluate, close), vexify (search_code)
+- MCP tools configured via Claude Code plugin (glootie, playwright, vexify) are available when plugin is installed
 
 ### Streaming Output
 Uses `--verbose -p --output-format stream-json` for real-time JSON streaming. Output parser extracts text content, tool usage, session info, and cost metrics from JSON stream.
@@ -196,5 +196,13 @@ Environment variable `XDG_CACHE_HOME` set to `${sandboxDir}/.cache` for Playwrig
 ### File Cleanup
 - All temporary directories auto-cleanup on exit
 - Error handling for cleanup failures (ignore errors)
-- Signal handlers ensure cleanup on interrupts
-- the only git operations we want is setting up the project, there should be no explicit git operations to end or merge the project work in the sandbox, the agent must have a hook as part of the plugin in ../plugin (which must be up to date) that is set up correctly to make it call a curl statement that will instruct it to do a git merge intelligently at the end, only claude must be doing the git merge there should be no automation around that
+- Signal handlers ensure cleanup on interrupts
+
+## Settings Configuration
+
+### sandboxbox-settings.json
+Bundled Claude Code settings for sandbox environments:
+- Plugin timeout: 5000ms
+- Permissions: Git operations (add, commit, push, status, log), file operations (Write, Read, Edit, Glob, Grep)
+- No explicit MCP server configurations (handled by Claude Code plugin)
+- No explicit hooks (handled by Claude Code plugin)

package/package.json

@@ -1,39 +1,41 @@
-{
-  "name": "sandboxbox",
-  "version": "3.0.61",
-  "description": "Lightweight process containment sandbox for CLI tools - Playwright, Claude Code, and more. Pure Node.js, no dependencies.",
-  "type": "module",
-  "main": "cli.js",
-  "bin": {
-    "sandboxbox": "cli.js"
-  },
-  "scripts": {
-    "start": "node cli.js"
-  },
-  "keywords": [
-    "sandbox",
-    "process-isolation",
-    "playwright",
-    "claude-code",
-    "cli-tools",
-    "environment-isolation",
-    "cross-platform",
-    "windows",
-    "macos",
-    "linux",
-    "portable",
-    "npm",
-    "npx"
-  ],
-  "author": "",
-  "license": "MIT",
-  "dependencies": {},
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/AnEntrypoint/sandboxbox.git"
-  },
-  "homepage": "https://github.com/AnEntrypoint/sandboxbox#readme",
-  "bugs": {
-    "url": "https://github.com/AnEntrypoint/sandboxbox/issues"
-  }
-}
+{
+  "name": "sandboxbox",
+  "version": "3.0.64",
+  "description": "Lightweight process containment sandbox for CLI tools - Playwright, Claude Code, and more. Pure Node.js, no dependencies.",
+  "type": "module",
+  "main": "cli.js",
+  "bin": {
+    "sandboxbox": "cli.js"
+  },
+  "scripts": {
+    "start": "node cli.js",
+    "test:gpu": "source /etc/profile.d/gpu-acceleration.sh && playwright test",
+    "playwright:gpu": "source /etc/profile.d/gpu-acceleration.sh && playwright"
+  },
+  "keywords": [
+    "sandbox",
+    "process-isolation",
+    "playwright",
+    "claude-code",
+    "cli-tools",
+    "environment-isolation",
+    "cross-platform",
+    "windows",
+    "macos",
+    "linux",
+    "portable",
+    "npm",
+    "npx"
+  ],
+  "author": "",
+  "license": "MIT",
+  "dependencies": {},
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/AnEntrypoint/sandboxbox.git"
+  },
+  "homepage": "https://github.com/AnEntrypoint/sandboxbox#readme",
+  "bugs": {
+    "url": "https://github.com/AnEntrypoint/sandboxbox/issues"
+  }
+}

package/sandboxbox-settings.json

@@ -2,20 +2,6 @@
   "$schema": "https://json.schemastore.org/claude-code-settings.json",
   "pluginTimeout": 5000,
   "alwaysThinkingEnabled": false,
-  "mcpServers": {
-    "glootie": {
-      "command": "npx",
-      "args": ["-y", "mcp-glootie@latest"]
-    },
-    "playwright": {
-      "command": "npx",
-      "args": ["-y", "@playwright/mcp@latest"]
-    },
-    "vexify": {
-      "command": "npx",
-      "args": ["-y", "vexify@latest", "mcp"]
-    }
-  },
   "permissions": {
     "allow": [
       "Bash(git add .)",
@@ -23,27 +9,11 @@
       "Bash(git push *)",
       "Bash(git status)",
       "Bash(git log *)",
-      "Bash(curl https://raw.githubusercontent.com/AnEntrypoint/glootie-cc/refs/heads/master/start.md)",
-      "Bash(npx -y mcp-thorns@latest)",
-      "Bash(npx -y wfgy@latest hook)",
       "Write(*)",
       "Read(*)",
       "Edit(*)",
       "Glob(*)",
       "Grep(*)"
     ]
-  },
-  "hooks": {
-    "UserPromptSubmit": [
-      {
-        "matcher": "*",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "curl https://raw.githubusercontent.com/AnEntrypoint/glootie-cc/refs/heads/master/start.md; npx -y mcp-thorns@latest; npx -y wfgy@latest hook"
-          }
-        ]
-      }
-    ]
   }
 }

package/utils/commands/claude.js

@@ -322,34 +322,9 @@ export async function claudeCommand(projectDir, prompt, flags = {}) {
         }
       }
 
-      // Execute curl command to get Git workflow guidelines
-      let gitWorkflowGuidelines = '';
-      try {
-        const curlResult = execSync('curl https://raw.githubusercontent.com/AnEntrypoint/glootie-cc/refs/heads/master/start.md', {
-          cwd: workspacePath,
-          encoding: 'utf8',
-          timeout: 10000,
-          stdio: 'pipe'
-        });
-        gitWorkflowGuidelines = curlResult.trim();
-      } catch (error) {
-        gitWorkflowGuidelines = '## Git Workflow Guidelines\nAlways sync to the remote/upstream git repo when you\'re finished with your work.';
-      }
-
-      // Modify the prompt to include directory change instruction and Git workflow guidelines
       const modifiedPrompt = `You are working in a sandboxed environment. Your working directory is "${workspacePath}". All operations should be performed in this directory.
 
-${gitWorkflowGuidelines}
-
-${prompt}
-
-IMPORTANT: Before finishing, you MUST execute these Git operations to sync your changes to the repository:
-1. Check git status: git status
-2. Add any new files: git add .
-3. Commit with descriptive message: git commit -m "Your commit message here"
-4. Push to remote repository: git push origin master
-
-This is mandatory - all changes must be preserved in the repository.`;
+${prompt}`;
 
       // Environment is now properly configured with same permissions as run command
 
@@ -383,8 +358,12 @@ This is mandatory - all changes must be preserved in the repository.`;
           if (Array.isArray(content)) {
             for (const block of content) {
               if (block.type === 'text') {
-                // Always show conversational text immediately
-                process.stdout.write(block.text);
+                const text = block.text || '';
+                if (!text.endsWith('\n')) {
+                  process.stdout.write(text + '\n');
+                } else {
+                  process.stdout.write(text);
+                }
               } else if (block.type === 'tool_use') {
                 // Track the tool call for later result matching
                 if (block.id) {

package/utils/sandbox.js

@@ -20,17 +20,41 @@ export function createSandbox(projectDir, options = {}) {
     });
   }
 
-  // Configure global git safe directories
-  execSync(`git config --global --add safe.directory "${projectDir}"`, {
-    stdio: 'pipe',
-    shell: true,
-    windowsHide: true
-  });
-  execSync(`git config --global --add safe.directory "${projectDir}/.git"`, {
-    stdio: 'pipe',
-    shell: true,
-    windowsHide: true
-  });
+  // Configure global git safe directories with duplicate prevention
+  function addSafeDirectory(dir) {
+    try {
+      // Check if directory is already in safe.directory config
+      const existingDirs = execSync('git config --global --get-all safe.directory', {
+        encoding: 'utf8',
+        stdio: 'pipe'
+      }).trim().split('\n').filter(d => d.length > 0);
+
+      if (!existingDirs.includes(dir)) {
+        execSync(`git config --global --add safe.directory "${dir}"`, {
+          stdio: 'pipe',
+          shell: true,
+          windowsHide: true
+        });
+      }
+    } catch (error) {
+      // If get-all fails, try adding directly (might be first entry)
+      try {
+        execSync(`git config --global --add safe.directory "${dir}"`, {
+          stdio: 'pipe',
+          shell: true,
+          windowsHide: true
+        });
+      } catch (addError) {
+        // Silently fail if config is locked or directory already exists
+        if (VERBOSE_OUTPUT) {
+          console.log(`Warning: Could not add safe.directory ${dir}: ${addError.message}`);
+        }
+      }
+    }
+  }
+
+  addSafeDirectory(projectDir);
+  addSafeDirectory(`${projectDir}/.git`);
 
   // Configure host repository to accept pushes to current branch
   try {

package/MULTI_CONTAINER_TESTING_RESULTS.md

@@ -1,101 +0,0 @@
-# SandboxBox Multi-Container Testing Results
-
-## Summary
-
-Successfully completed comprehensive testing of SandboxBox multi-container architecture with 4 concurrent instances. All core functionality verified working correctly.
-
-## Test Results
-
-### ✅ File System Isolation
-- Each container has separate workspace and git repository
-- Files created in one container do not affect others
-- Git repositories properly isolated with unique histories
-
-### ✅ MCP Playwright Tool Access
-- MCP Playwright tools work correctly in sandbox environments
-- Tools can access both sandbox servers and host servers
-- Screenshots and browser automation functioning properly
-- No errors or tool access issues encountered
-
-### ✅ Port Conflict Detection & Adaptation
-- Containers successfully detect existing ports and adapt
-- Port allocation system works when conflicts are found
-- Container 1: Port 3000 (host conflict detected, adapted)
-- Container 2: Port 3001 (host "Schwepe's Funky Universe" found)
-- Container 3: Port 3002 → 4567 (successful adaptation)
-- Container 4: Port 3003 (host server detected)
-
-### ✅ Credential Sharing System
-- Firebase credentials properly shared via symlink
-- Google Cloud credentials accessible in containers
-- GitHub CLI credentials working correctly
-- AWS credentials properly configured
-- SSH keys accessible for git operations
-- NPM credentials shared successfully
-
-### ✅ Server Priority Behavior
-**Key Finding**: Sandbox tools can access both sandbox servers and host servers:
-
-1. **When host server exists on port**: Tools access host server (port 3000 - "Schwepe's Funky Universe")
-2. **When no host server exists**: Tools access sandbox server preferentially (port 3005 - "SANDBOX SERVER")
-
-This behavior is actually optimal for development workflows where containers may need access to both their own services and existing host services.
-
-### ✅ Concurrent Container Execution
-- 4 SandboxBox instances running simultaneously without conflicts
-- Each container maintains separate environment and tools
-- Background processes properly isolated
-- No resource conflicts or interference between containers
-
-## Network Architecture
-
-**Current Design**: Containers share host localhost network
-- ✅ Allows access to host services (databases, APIs, existing servers)
-- ✅ Sandbox tools can access sandbox servers when no host conflict exists
-- ✅ Simplifies development workflow with existing local services
-- ⚠️ Containers can potentially see each other's servers (acceptable trade-off)
-
-**Alternative Considered**: Complete network isolation
-- Would prevent access to useful host services
-- Adds complexity without clear benefits for development use cases
-- Current shared-network approach better fits real-world development needs
-
-## Multi-Container Workflow Verification
-
-1. **Setup**: Used glootie to create 4 separate test directories
-2. **Server Creation**: Each container created unique web servers
-3. **Testing**: Verified servers start and adapt to port conflicts
-4. **Access**: Confirmed MCP Playwright can access each container's content
-5. **Isolation**: Verified containers don't interfere with each other's workspaces
-6. **Priority**: Confirmed sandbox tools work optimally with host/sandbox server access
-
-## Recommendations
-
-### Current Architecture ✅
-The current shared-network approach is optimal for development workflows:
-- Maintains access to existing local development services
-- Provides sandbox server access when no conflicts exist
-- Simplifies container setup and configuration
-- Follows principle of least surprise for developers
-
-### Future Enhancements (Optional)
-- Port allocation system could be enhanced for automatic conflict resolution
-- Network isolation options could be added as a feature flag
-- Container-to-container communication patterns could be documented
-
-## Conclusion
-
-SandboxBox successfully provides isolated development environments with:
-- Proper file system and workspace isolation
-- Working MCP Playwright tool integration
-- Smart server access that prioritizes sandbox servers while maintaining host access
-- Robust credential sharing for development tools
-- Reliable concurrent container execution
-
-The current implementation meets all requirements for multi-container development workflows while maintaining the flexibility needed for real-world development scenarios.
-
-## Version Information
-- **SandboxBox Version**: 3.0.61
-- **Test Date**: 2025-10-15
-- **Test Environment**: Linux WSL2
-- **Containers Tested**: 4 concurrent instances

package/manual-integration-test.txt

@@ -1 +0,0 @@
-test content from manual integration

package/test.txt

@@ -1 +0,0 @@
-This is a test file created by Claude Code.