sandboxbox 3.0.74 → 3.0.76

package/.claude-sandbox/plugins/marketplaces/anentrypoint-glootie-cc/package.json

@@ -48,6 +48,6 @@
   "dependencies": {
     "@playwright/mcp": "^0.0.45",
     "mcp-glootie": "^3.4.67",
-    "vexify": "^0.16.28"
+    "vexify": "^0.19.1"
   }
 }

package/.mcp.json

@@ -0,0 +1,9 @@
+{
+  "$schema": "https://schemas.modelcontextprotocol.io/0.1.0/mcp.json",
+  "mcpServers": {
+    "sandboxbox": {
+      "command": "npx",
+      "args": ["sandboxbox", "mcp"]
+    }
+  }
+}

package/CHANGELOG.md

@@ -1,23 +1,31 @@
 # Changelog
 
-## [Unreleased]
+## [3.0.75] - 2025-11-13
 
 ### Added
-- `.claude-sandbox/` directory structure for bundled Claude settings and plugins
-- Automatic plugin path rewriting during sandbox creation to point to sandbox locations
-- Bundled glootie-cc MCP plugin in `.claude-sandbox/plugins/marketplaces/`
-- MCP servers configuration in plugin.json and settings.json (glootie, playwright, vexify)
-- Automatic MCP server path rewriting to use absolute sandbox directory paths
+- MCP server mode: Run sandboxbox as an MCP server with `npx sandboxbox mcp`
+- `sandboxbox_run` MCP tool: Execute prompts in isolated sandboxbox environments via MCP protocol
+- `.mcp.json` configuration file for easy Claude Code integration
+- Fetch polyfill in container: undici package installed globally with automatic polyfill via NODE_OPTIONS
+- Build command implementation: `npx sandboxbox build` to rebuild container images
+- Plugin registry files: installed_plugins.json and known_marketplaces.json in .claude-sandbox/
+- Automatic path rewriting for all plugin configuration files during sandbox creation
 
 ### Changed
-- Sandbox creation now uses `.claude-sandbox/` configuration instead of `sandboxbox-settings.json`
-- Plugin paths in `config.json` are automatically updated to sandbox-relative paths
-- MCP server paths are rewritten from ${HOME} placeholders to actual sandbox paths
-- Simplified Claude settings management with repository-based configuration
-
-### Known Issues
-- MCP tools not loading in Claude Code CLI - configuration is correct but servers not starting
-- Requires investigation into Claude Code CLI MCP server loading mechanism
+- Container claude wrapper uses NODE_OPTIONS to inject fetch polyfill automatically
+- Removed enabledPlugins from .claude-sandbox/settings.json (controlled by config.json)
+- Updated cli.js to support 'mcp' command
+- Added @modelcontextprotocol/sdk and undici dependencies
+- Dockerfile creates fetch-init.mjs for global fetch availability
+
+### Fixed
+- Fetch API not available in container: Added undici polyfill loaded via NODE_OPTIONS
+- Plugin paths now correctly rewritten in installed_plugins.json and known_marketplaces.json
+- Build command now functional with proper podman integration
+
+### Removed
+- Manual MCP server configurations from settings.json (delegated to plugin's .mcp.json)
+- Firewall script from Dockerfile (not essential for core functionality)
 
 ## [3.0.64] - 2025-10-27
 

package/CLAUDE.md

@@ -78,8 +78,15 @@ if (process.platform === 'win32') {
 1. Copy project to temporary directory (including .git)
 2. Mount temporary directory as /workspace in container
 3. Run commands in isolated environment
-4. Clean up temporary directory on exit
-5. Changes persist via git push to host repository
+4. Auto-commit and push changes to host repository
+5. Clean up temporary directory on exit
+
+### Auto-Commit & Push (v3.0.76+)
+- Cleanup function automatically detects uncommitted changes
+- Auto-commits with timestamped message: "sandboxbox auto-commit: {ISO timestamp}"
+- Auto-pushes to host repository before sandbox cleanup
+- Changes persist automatically without manual git operations
+- Graceful error handling - cleanup continues even if git operations fail
 
 ### Pattern
 ```javascript

package/Dockerfile

@@ -78,18 +78,27 @@ RUN sh -c "$(wget -O- https://github.com/deluan/zsh-in-docker/releases/download/
   -a "export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" \
   -x
 
-# Install Claude
-RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION}
-
-# Install playwright deps (commented out due to build issues)
-# RUN npx --yes playwright install-deps
+# Install Claude and dependencies
+RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION} undici
 
 RUN npm i -g @playwright/mcp
 
-# Copy and set up firewall script
-COPY init-firewall.sh /usr/local/bin/
+# Switch to root to create wrapper scripts
 USER root
-RUN chmod +x /usr/local/bin/init-firewall.sh && \
-  echo "node ALL=(root) NOPASSWD: /usr/local/bin/init-firewall.sh" > /etc/sudoers.d/node-firewall && \
-  chmod 0440 /etc/sudoers.d/node-firewall
+
+# Create fetch polyfill init script
+RUN echo 'import { fetch, Headers, Request, Response } from "undici";\n\
+globalThis.fetch = fetch;\n\
+globalThis.Headers = Headers;\n\
+globalThis.Request = Request;\n\
+globalThis.Response = Response;\n\
+' > /usr/local/lib/fetch-init.mjs
+
+# Create wrapper script that uses the init
+RUN echo '#!/bin/bash\n\
+NODE_OPTIONS="--import=/usr/local/lib/fetch-init.mjs" exec /home/node/.local/bin/claude "$@"\n\
+' > /usr/local/bin/claude-with-fetch && \
+  chmod +x /usr/local/bin/claude-with-fetch && \
+  ln -sf /usr/local/bin/claude-with-fetch /usr/local/share/npm-global/bin/claude
+
 USER node

package/cli.js

@@ -1,10 +1,5 @@
 #!/usr/bin/env node
 
-/**
- * SandboxBox CLI - Process Containment Sandbox
- * Lightweight process isolation for CLI tools
- */
-
 import { resolve } from 'path';
 import { color } from './utils/colors.js';
 import { showBanner, showHelp } from './utils/ui.js';
@@ -76,6 +71,23 @@ async function main() {
         if (!versionCommand()) process.exit(1);
         break;
 
+      case 'mcp':
+        const { spawn } = await import('child_process');
+        const { fileURLToPath } = await import('url');
+        const { dirname } = await import('path');
+        const __filename = fileURLToPath(import.meta.url);
+        const __dirname = dirname(__filename);
+        const mcpServerPath = resolve(__dirname, 'utils', 'mcp-server.js');
+
+        const mcpProcess = spawn('node', [mcpServerPath], {
+          stdio: 'inherit'
+        });
+
+        mcpProcess.on('exit', (code) => {
+          process.exit(code || 0);
+        });
+        break;
+
       default:
         console.log(color('red', `❌ Unknown command: ${command}`));
         console.log(color('yellow', 'Use --help for usage information'));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sandboxbox",
-  "version": "3.0.74",
+  "version": "3.0.76",
   "description": "Lightweight process containment sandbox for CLI tools - Playwright, Claude Code, and more. Pure Node.js, no dependencies.",
   "type": "module",
   "main": "cli.js",
@@ -29,7 +29,10 @@
   ],
   "author": "",
   "license": "MIT",
-  "dependencies": {},
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.21.1",
+    "undici": "^7.16.0"
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/AnEntrypoint/sandboxbox.git"

package/utils/commands/claude.js

@@ -1,23 +1,23 @@
+import { fetch } from 'undici';
+if (!globalThis.fetch) {
+  globalThis.fetch = fetch;
+}
+
 import { existsSync, writeFileSync, appendFileSync } from 'fs';
 import { resolve, join } from 'path';
 import { spawn, execSync } from 'child_process';
 import { color } from '../colors.js';
 import { createSandbox, createSandboxEnv } from '../sandbox.js';
-// ClaudeOptimizer disabled to preserve bundled hooks
-// import { ClaudeOptimizer } from '../claude-optimizer.js';
 import { SystemOptimizer } from '../system-optimizer.js';
 
-// Console output configuration
 const MAX_CONSOLE_LINES = parseInt(process.env.SANDBOX_MAX_CONSOLE_LINES) || 5;
 const MAX_LOG_ENTRY_LENGTH = parseInt(process.env.SANDBOX_MAX_LOG_LENGTH) || 200;
 const ENABLE_FILE_LOGGING = process.env.SANDBOX_ENABLE_FILE_LOGGING === 'true';
 const VERBOSE_OUTPUT = process.env.SANDBOX_VERBOSE === 'true' || process.argv.includes('--verbose');
 global.toolCallLog = [];
 global.logFileHandle = null;
-global.pendingToolCalls = new Map(); // Track tool calls by ID for result matching
-global.conversationalBuffer = ''; // Track conversational text between tool calls
-
-// Helper function to extract tool metadata without showing actual content
+global.pendingToolCalls = new Map();
+global.conversationalBuffer = '';
 function extractToolMetadata(toolUse) {
   const metadata = {
     name: toolUse.name || 'unknown',
@@ -316,10 +316,13 @@ ${prompt}`;
       // Environment is now properly configured with same permissions as run command
 
       const proc = spawn('claude', claudeArgs, {
-        cwd: workspacePath,  // Set working directory directly
-        env: env,  // Use the same environment as run command for Git permissions
+        cwd: workspacePath,
+        env: {
+          ...env,
+          NODE_OPTIONS: '--import=/usr/local/lib/fetch-init.mjs'
+        },
         stdio: ['pipe', 'pipe', 'pipe'],
-        shell: false,  // Don't use shell since we're setting cwd directly
+        shell: false,
         detached: false
       });
 

package/utils/commands/container.js

@@ -1,11 +1,38 @@
 import { existsSync } from 'fs';
-import { resolve, join } from 'path';
+import { resolve, join, dirname } from 'path';
+import { execSync } from 'child_process';
 import { color } from '../colors.js';
 import { createSandbox, createSandboxEnv, runInSandbox } from '../sandbox.js';
+import { fileURLToPath } from 'url';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
 
 export function buildCommand(dockerfilePath) {
-  console.log(color('yellow', '⚠️  Build command not yet implemented'));
-  return false;
+  const repoRoot = resolve(__dirname, '..', '..');
+  const dockerfile = dockerfilePath || join(repoRoot, 'Dockerfile');
+
+  if (!existsSync(dockerfile)) {
+    console.log(color('red', `❌ Dockerfile not found: ${dockerfile}`));
+    return false;
+  }
+
+  console.log(color('cyan', `📦 Building sandboxbox container from ${dockerfile}...`));
+
+  try {
+    const buildContext = dirname(dockerfile);
+
+    execSync(`podman build -t sandboxbox:latest -f "${dockerfile}" "${buildContext}"`, {
+      stdio: 'inherit',
+      shell: process.platform === 'win32'
+    });
+
+    console.log(color('green', '✅ Container built successfully!'));
+    return true;
+  } catch (error) {
+    console.log(color('red', `❌ Build failed: ${error.message}`));
+    return false;
+  }
 }
 
 export async function runCommand(projectDir, cmd) {

package/utils/mcp-server.js

@@ -0,0 +1,121 @@
+#!/usr/bin/env node
+
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';
+import { spawn } from 'child_process';
+import { fileURLToPath } from 'url';
+import { dirname, resolve } from 'path';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+const server = new Server(
+  {
+    name: 'sandboxbox',
+    version: '1.0.0',
+  },
+  {
+    capabilities: {
+      tools: {},
+    },
+  }
+);
+
+server.setRequestHandler(ListToolsRequestSchema, async () => {
+  return {
+    tools: [
+      {
+        name: 'sandboxbox_run',
+        description: 'Execute a prompt in an isolated sandboxbox environment. Runs Claude Code with the given prompt in a temporary containerized workspace.',
+        inputSchema: {
+          type: 'object',
+          properties: {
+            prompt: {
+              type: 'string',
+              description: 'The prompt to execute in the sandboxbox environment',
+            },
+            directory: {
+              type: 'string',
+              description: 'The directory to run in (defaults to current directory)',
+            },
+          },
+          required: ['prompt'],
+        },
+      },
+    ],
+  };
+});
+
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+  if (request.params.name !== 'sandboxbox_run') {
+    throw new Error(`Unknown tool: ${request.params.name}`);
+  }
+
+  const { prompt, directory } = request.params.arguments;
+
+  if (!prompt || typeof prompt !== 'string') {
+    throw new Error('prompt is required and must be a string');
+  }
+
+  const targetDir = directory || process.cwd();
+  const cliPath = resolve(__dirname, '..', 'cli.js');
+
+  return new Promise((resolve, reject) => {
+    const args = ['claude', targetDir, prompt];
+    const child = spawn('node', [cliPath, ...args], {
+      stdio: ['ignore', 'pipe', 'pipe'],
+      env: { ...process.env, SANDBOX_VERBOSE: 'false' }
+    });
+
+    let stdout = '';
+    let stderr = '';
+
+    child.stdout.on('data', (data) => {
+      stdout += data.toString();
+    });
+
+    child.stderr.on('data', (data) => {
+      stderr += data.toString();
+    });
+
+    child.on('close', (code) => {
+      if (code !== 0) {
+        resolve({
+          content: [{
+            type: 'text',
+            text: `Error (exit code ${code}):\n${stderr || stdout}`,
+          }],
+          isError: true,
+        });
+      } else {
+        resolve({
+          content: [{
+            type: 'text',
+            text: stdout || 'Command completed successfully',
+          }],
+        });
+      }
+    });
+
+    child.on('error', (error) => {
+      resolve({
+        content: [{
+          type: 'text',
+          text: `Error: ${error.message}`,
+        }],
+        isError: true,
+      });
+    });
+  });
+});
+
+async function main() {
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+}
+
+main().catch((error) => {
+  console.error('Server error:', error);
+  process.exit(1);
+});

package/utils/sandbox.js

@@ -325,6 +325,66 @@ node_modules/
   }
 
   const cleanup = () => {
+    const VERBOSE_OUTPUT = process.env.SANDBOX_VERBOSE === 'true' || process.argv.includes('--verbose');
+
+    // Push any committed changes back to host before cleanup
+    try {
+      // Check if there are any uncommitted changes
+      const status = execSync(`git status --porcelain`, {
+        cwd: workspaceDir,
+        encoding: 'utf8',
+        stdio: 'pipe'
+      }).trim();
+
+      if (status) {
+        // Add all changes
+        execSync(`git add -A`, {
+          cwd: workspaceDir,
+          stdio: 'pipe',
+          shell: true
+        });
+
+        // Commit with timestamp
+        const commitMessage = `sandboxbox auto-commit: ${new Date().toISOString()}
+
+🤖 Generated with SandboxBox
+Changes made during sandboxbox session`;
+
+        execSync(`git commit -m "${commitMessage}"`, {
+          cwd: workspaceDir,
+          stdio: 'pipe',
+          shell: true
+        });
+
+        if (VERBOSE_OUTPUT) {
+          console.log('✅ Committed sandbox changes');
+        }
+      }
+
+      // Push to host repository (origin points to host)
+      try {
+        execSync(`git push origin HEAD`, {
+          cwd: workspaceDir,
+          stdio: 'pipe',
+          shell: true
+        });
+
+        if (VERBOSE_OUTPUT) {
+          console.log('✅ Pushed changes to host repository');
+        }
+      } catch (pushError) {
+        // Push might fail if there are no changes or network issues
+        if (VERBOSE_OUTPUT) {
+          console.log('⚠️  Could not push to host repository');
+        }
+      }
+    } catch (error) {
+      // Don't fail cleanup if git operations fail
+      if (VERBOSE_OUTPUT) {
+        console.log(`⚠️  Git sync failed: ${error.message}`);
+      }
+    }
+
     // Close any log files that might be open
     if (global.logFileHandle) {
       try {
@@ -334,6 +394,7 @@ node_modules/
         // Don't fail on log cleanup
       }
     }
+
     rmSync(sandboxDir, { recursive: true, force: true });
   };
 

package/utils/ui.js

@@ -18,6 +18,7 @@ export function showHelp() {
   console.log('  run <project-dir> [cmd]       Run project in container');
   console.log('  shell <project-dir>           Start interactive shell');
   console.log('  claude <project-dir> [prompt] [--host] [--headless]  Start Claude Code with Git integration');
+  console.log('  mcp                           Start as MCP server (stdio transport)');
   console.log('  version                       Show version information');
   console.log('');
   console.log(color('yellow', 'Claude Command Options:'));