sandsnap 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Libo Shen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,287 @@
+# sandsnap
+
+A CLI for managing Deno Sandbox environments with simplified snapshot-based workflows. Create, evolve, and run isolated Linux environments without dealing with volumes directly.
+
+## Concept
+
+```
+base-image ──[commands]──► snapshot-A ──[commands]──► snapshot-B
+                                       ╲
+                                        ──[different commands]──► snapshot-C
+```
+
+Snapshots are immutable environment states. You **evolve** from one snapshot to create another, or **run** ephemeral commands against a snapshot without modifying it.
+
+## Features
+
+- **Snapshot-based workflow** - Think in terms of environment states, not volumes
+- **Evolve environments** - `snapshot A` + `commands` → `snapshot B`
+- **Ephemeral execution** - Run commands against a snapshot without modifying it
+- **Heredoc support** - Perfect for AI agents and scripting
+- **Auto-cleanup** - Smart deletion of snapshots and their backing storage
+
+## Installation
+
+```bash
+# Using npm
+npm install -g sandsnap
+
+# Or run directly with npx
+npx sandsnap <command>
+```
+
+Requires Node.js 24+ and a [Deno Deploy](https://console.deno.com/) account.
+
+## Setup
+
+1. Create an account at [console.deno.com](https://console.deno.com/)
+2. Go to **Settings → Organization tokens** and create a token
+3. Set the token:
+   ```bash
+   export DENO_DEPLOY_TOKEN=<your-token>
+   ```
+
+## Quick Start
+
+```bash
+# Create a snapshot with Python installed
+sandsnap evolve python-env <<'EOF'
+sudo apt-get update
+sudo apt-get install -y python3 python3-pip
+python3 --version
+EOF
+
+# Run commands against it (ephemeral - changes discarded)
+sandsnap run python-env <<'EOF'
+python3 -c "print('Hello from sandbox!')"
+EOF
+
+# Evolve further from existing snapshot
+sandsnap evolve python-ml --from python-env <<'EOF'
+pip3 install numpy pandas scikit-learn
+python3 -c "import numpy; print(numpy.__version__)"
+EOF
+
+# Interactive shell
+sandsnap run python-ml
+
+# List all snapshots
+sandsnap list
+
+# Delete a snapshot (auto-cleans backing storage)
+sandsnap delete python-env --force
+```
+
+## Commands
+
+### `sandsnap evolve <name>`
+
+Create a new snapshot by running commands on a base state.
+
+```bash
+# From base Debian image (default)
+sandsnap evolve my-env
+
+# From existing snapshot
+sandsnap evolve my-env-v2 --from my-env
+
+# With script file
+sandsnap evolve my-env --script setup.sh
+
+# With heredoc
+sandsnap evolve my-env <<'EOF'
+apt-get update
+apt-get install -y curl git
+EOF
+
+# Overwrite existing snapshot
+sandsnap evolve my-env --overwrite <<'EOF'
+# new setup
+EOF
+```
+
+**Options:**
+| Option | Description | Default |
+|--------|-------------|---------|
+| `--from <snapshot>` | Base snapshot to evolve from | debian-13 |
+| `--timeout <duration>` | Sandbox timeout (e.g., `10m`, `30m`) | `10m` |
+| `--capacity <size>` | Volume capacity (e.g., `2GiB`, `10GiB`) | `10GiB` |
+| `--memory <size>` | Sandbox memory (e.g., `1GiB`, `2GiB`, `4GiB`) | `1280MiB` |
+| `--region <region>` | Region (`ord` or `ams`) | `ord` |
+| `--env <KEY=VALUE>` | Set environment variable (repeatable) | - |
+| `--copy <src:dst>` | Copy file/dir from host to sandbox (repeatable) | - |
+| `--script <file>` | Read commands from file | - |
+| `--overwrite` | Replace existing snapshot | `false` |
+
+### `sandsnap run <snapshot>`
+
+Run commands in an ephemeral sandbox. Changes are discarded after exit.
+
+```bash
+# Interactive shell
+sandsnap run my-env
+
+# Run commands
+sandsnap run my-env <<'EOF'
+echo "Hello"
+python3 script.py
+EOF
+
+# With script file
+sandsnap run my-env --script test.sh
+```
+
+**Options:**
+| Option | Description | Default |
+|--------|-------------|---------|
+| `--timeout <duration>` | Sandbox timeout | `session` |
+| `--memory <size>` | Sandbox memory (e.g., `1GiB`, `2GiB`, `4GiB`) | `1280MiB` |
+| `--region <region>` | Region (`ord` or `ams`) | `ord` |
+| `--env <KEY=VALUE>` | Set environment variable (repeatable) | - |
+| `--copy <src:dst>` | Copy file/dir from host to sandbox (repeatable) | - |
+| `--copy-out <src:dst>` | Copy file/dir from sandbox to host (repeatable) | - |
+| `--script <file>` | Read commands from file | - |
+
+### `sandsnap list`
+
+List all snapshots.
+
+```bash
+sandsnap list
+sandsnap list --json
+sandsnap list --region ord
+```
+
+### `sandsnap delete <name>`
+
+Delete a snapshot and clean up its backing storage.
+
+```bash
+sandsnap delete my-env
+sandsnap delete my-env --force  # Skip confirmation
+```
+
+### `sandsnap prune`
+
+Clean up orphaned temporary volumes.
+
+```bash
+sandsnap prune --dry-run  # See what would be deleted
+sandsnap prune --force    # Delete without confirmation
+```
+
+### `sandsnap sandboxes`
+
+Manage running sandboxes (for debugging).
+
+```bash
+sandsnap sandboxes list           # List all sandboxes
+sandsnap sandboxes kill <id>      # Kill a specific sandbox
+sandsnap sandboxes kill-all       # Kill all running sandboxes
+```
+
+## Global Options
+
+| Option | Description |
+|--------|-------------|
+| `-v, --verbose` | Show detailed progress logs |
+| `-h, --help` | Show help |
+| `--version` | Show version |
+
+## Examples
+
+### Setting up a development environment
+
+```bash
+# Create base environment
+sandsnap evolve dev-base <<'EOF'
+sudo apt-get update
+sudo apt-get install -y git curl wget build-essential
+EOF
+
+# Add Node.js
+sandsnap evolve dev-node --from dev-base <<'EOF'
+curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
+sudo apt-get install -y nodejs
+node --version
+EOF
+
+# Add Python
+sandsnap evolve dev-python --from dev-base <<'EOF'
+sudo apt-get install -y python3 python3-pip python3-venv
+python3 --version
+EOF
+```
+
+### Running tests in isolation
+
+```bash
+# Run tests against a clean environment every time
+sandsnap run dev-node <<'EOF'
+cd /tmp
+git clone https://github.com/user/repo.git
+cd repo
+npm install
+npm test
+EOF
+```
+
+### Environment variables
+
+```bash
+# Pass environment variables to the sandbox
+sandsnap run python-env \
+  --env API_KEY=secret123 \
+  --env DEBUG=true \
+  <<'EOF'
+echo "API_KEY=$API_KEY"
+python3 -c "import os; print(os.environ.get('DEBUG'))"
+EOF
+```
+
+### File copy workflow
+
+```bash
+# Copy files into sandbox, process, copy results out
+sandsnap run python-env \
+  --copy ./data:/home/app/data \
+  --copy ./config.json:/home/app/config.json \
+  --copy-out /home/app/results:/tmp/results \
+  <<'EOF'
+python3 process.py --config /home/app/config.json
+EOF
+
+# Check results
+ls /tmp/results/
+```
+
+### AI agent workflow
+
+```bash
+# Agent can use heredocs to run arbitrary commands
+RESULT=$(sandsnap run python-env <<'EOF'
+python3 -c "
+import json
+result = {'status': 'ok', 'value': 42}
+print(json.dumps(result))
+"
+EOF
+)
+echo "$RESULT"
+```
+
+## Notes
+
+- Commands run as `app` user; use `sudo` for system operations
+- Snapshots are region-specific (`ord` = Chicago, `ams` = Amsterdam)
+- Default timeout is `session` for `run` (dies when CLI exits) and `10m` for `evolve`
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `DENO_DEPLOY_TOKEN` | Required. Your Deno Deploy organization token |
+
+## License
+
+MIT

package/dist/commands/delete.d.ts

@@ -0,0 +1,9 @@
+/**
+ * sandboxer delete - Delete a snapshot (and its parent volume if possible)
+ */
+interface DeleteOptions {
+    force?: boolean;
+}
+export declare function deleteSnapshot(name: string, options: DeleteOptions): Promise<void>;
+export {};
+//# sourceMappingURL=delete.d.ts.map

package/dist/commands/delete.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete.d.ts","sourceRoot":"","sources":["../../src/commands/delete.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,UAAU,aAAa;IACrB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,wBAAsB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CA6CxF"}

package/dist/commands/delete.js

@@ -0,0 +1,50 @@
+/**
+ * sandboxer delete - Delete a snapshot (and its parent volume if possible)
+ */
+import { getClient } from "../lib/client.js";
+import { confirm } from "../lib/stdin.js";
+import { success, error, info } from "../lib/output.js";
+export async function deleteSnapshot(name, options) {
+    const client = getClient();
+    try {
+        // Get snapshot to find its parent volume
+        const snapshot = await client.snapshots.get(name);
+        if (!snapshot) {
+            error(`Snapshot '${name}' not found.`);
+            process.exit(1);
+        }
+        // Confirm deletion unless --force
+        if (!options.force) {
+            const confirmed = await confirm(`Delete snapshot '${name}'?`);
+            if (!confirmed) {
+                console.log("Aborted.");
+                return;
+            }
+        }
+        // Get parent volume info before deleting snapshot
+        const parentVolumeId = snapshot.volume?.id;
+        const parentVolumeSlug = snapshot.volume?.slug;
+        // Delete the snapshot
+        await client.snapshots.delete(name);
+        success(`Deleted snapshot '${name}'`);
+        // Try to delete parent volume (smart cleanup)
+        if (parentVolumeId && parentVolumeSlug) {
+            // Only delete if it's a temp volume we created (starts with 'tmp-')
+            if (parentVolumeSlug.startsWith('tmp-')) {
+                try {
+                    await client.volumes.delete(parentVolumeId);
+                    info(`Cleaned up parent volume '${parentVolumeSlug}'`);
+                }
+                catch {
+                    // Volume may have other snapshots depending on it, that's ok
+                    info(`Parent volume '${parentVolumeSlug}' kept (may have other dependents)`);
+                }
+            }
+        }
+    }
+    catch (err) {
+        error(`Failed to delete snapshot: ${err}`);
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=delete.js.map

package/dist/commands/delete.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delete.js","sourceRoot":"","sources":["../../src/commands/delete.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAMxD,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,IAAY,EAAE,OAAsB;IACvE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,CAAC,aAAa,IAAI,cAAc,CAAC,CAAC;YACvC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,oBAAoB,IAAI,IAAI,CAAC,CAAC;YAC9D,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBACxB,OAAO;YACT,CAAC;QACH,CAAC;QAED,kDAAkD;QAClD,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QAC3C,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC;QAE/C,sBAAsB;QACtB,MAAM,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACpC,OAAO,CAAC,qBAAqB,IAAI,GAAG,CAAC,CAAC;QAEtC,8CAA8C;QAC9C,IAAI,cAAc,IAAI,gBAAgB,EAAE,CAAC;YACvC,oEAAoE;YACpE,IAAI,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxC,IAAI,CAAC;oBACH,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;oBAC5C,IAAI,CAAC,6BAA6B,gBAAgB,GAAG,CAAC,CAAC;gBACzD,CAAC;gBAAC,MAAM,CAAC;oBACP,6DAA6D;oBAC7D,IAAI,CAAC,kBAAkB,gBAAgB,oCAAoC,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,KAAK,CAAC,8BAA8B,GAAG,EAAE,CAAC,CAAC;QAC3C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/evolve.d.ts

@@ -0,0 +1,17 @@
+/**
+ * sandboxer evolve - Create a new snapshot by running commands on a base state
+ */
+interface EvolveOptions {
+    from?: string;
+    timeout: string;
+    capacity: string;
+    memory: string;
+    region: string;
+    env: string[];
+    copy: string[];
+    script?: string;
+    overwrite?: boolean;
+}
+export declare function evolve(name: string, options: EvolveOptions): Promise<void>;
+export {};
+//# sourceMappingURL=evolve.d.ts.map

package/dist/commands/evolve.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evolve.d.ts","sourceRoot":"","sources":["../../src/commands/evolve.ts"],"names":[],"mappings":"AAAA;;GAEG;AAUH,UAAU,aAAa;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CA6IhF"}

package/dist/commands/evolve.js

@@ -0,0 +1,228 @@
+/**
+ * sandboxer evolve - Create a new snapshot by running commands on a base state
+ */
+var __addDisposableResource = (this && this.__addDisposableResource) || function (env, value, async) {
+    if (value !== null && value !== void 0) {
+        if (typeof value !== "object" && typeof value !== "function") throw new TypeError("Object expected.");
+        var dispose, inner;
+        if (async) {
+            if (!Symbol.asyncDispose) throw new TypeError("Symbol.asyncDispose is not defined.");
+            dispose = value[Symbol.asyncDispose];
+        }
+        if (dispose === void 0) {
+            if (!Symbol.dispose) throw new TypeError("Symbol.dispose is not defined.");
+            dispose = value[Symbol.dispose];
+            if (async) inner = dispose;
+        }
+        if (typeof dispose !== "function") throw new TypeError("Object not disposable.");
+        if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };
+        env.stack.push({ value: value, dispose: dispose, async: async });
+    }
+    else if (async) {
+        env.stack.push({ async: true });
+    }
+    return value;
+};
+var __disposeResources = (this && this.__disposeResources) || (function (SuppressedError) {
+    return function (env) {
+        function fail(e) {
+            env.error = env.hasError ? new SuppressedError(e, env.error, "An error was suppressed during disposal.") : e;
+            env.hasError = true;
+        }
+        var r, s = 0;
+        function next() {
+            while (r = env.stack.pop()) {
+                try {
+                    if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);
+                    if (r.dispose) {
+                        var result = r.dispose.call(r.value);
+                        if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });
+                    }
+                    else s |= 1;
+                }
+                catch (e) {
+                    fail(e);
+                }
+            }
+            if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();
+            if (env.hasError) throw env.error;
+        }
+        return next();
+    };
+})(typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+});
+import { spawn } from "node:child_process";
+import { Sandbox } from "@deno/sandbox";
+import { getClient, snapshotExists, tempVolumeSlug } from "../lib/client.js";
+import { isInteractive, readStdin, readScriptFile, promptOnFailure } from "../lib/stdin.js";
+import { info, success, error, step } from "../lib/output.js";
+import { copyToSandbox } from "../lib/copy.js";
+import { parseCapacity, parseMemory, parseTimeout, parseRegion, parseEnvVars } from "../lib/parse.js";
+export async function evolve(name, options) {
+    const client = getClient();
+    const volumeSlug = tempVolumeSlug();
+    // Parse and validate options
+    const capacity = parseCapacity(options.capacity);
+    const timeout = parseTimeout(options.timeout);
+    const region = parseRegion(options.region);
+    const memory = parseMemory(options.memory);
+    const env = parseEnvVars(options.env);
+    // Determine the source for the volume
+    const fromSource = options.from || "builtin:debian-13";
+    try {
+        // Check if target snapshot already exists
+        if (!options.overwrite && await snapshotExists(name)) {
+            error(`Snapshot '${name}' already exists. Use --overwrite to replace it.`);
+            process.exit(1);
+        }
+        // If overwriting, delete existing snapshot first
+        if (options.overwrite && await snapshotExists(name)) {
+            info(`Deleting existing snapshot '${name}'...`);
+            await client.snapshots.delete(name);
+        }
+        // Determine script source
+        let script = null;
+        const interactive = isInteractive();
+        if (options.script) {
+            script = await readScriptFile(options.script);
+        }
+        else if (!interactive) {
+            // Read from stdin (heredoc or pipe)
+            script = await readStdin();
+        }
+        // Step 1: Create bootable volume
+        step(1, 4, `Creating volume from ${options.from ? `snapshot '${options.from}'` : "base image"}...`);
+        const volume = await client.volumes.create({
+            slug: volumeSlug,
+            region: region,
+            capacity: capacity,
+            from: fromSource,
+        });
+        info(`Volume created: ${volume.id}`);
+        let shouldSnapshot = false;
+        // Step 2 & 3: Boot sandbox and execute commands
+        // Use a block so sandbox is closed before we snapshot
+        {
+            const env_1 = { stack: [], error: void 0, hasError: false };
+            try {
+                step(2, 4, "Booting sandbox...");
+                const sandbox = __addDisposableResource(env_1, await Sandbox.create({
+                    region: region,
+                    root: volumeSlug,
+                    timeout: timeout,
+                    memory: memory,
+                    env: Object.keys(env).length > 0 ? env : undefined,
+                }), true);
+                info(`Sandbox ready: ${sandbox.id}`);
+                // Copy files into sandbox
+                if (options.copy.length > 0) {
+                    await copyToSandbox(sandbox, options.copy);
+                }
+                // Step 3: Execute commands
+                step(3, 4, script ? "Executing script..." : "Opening interactive shell...");
+                shouldSnapshot = true;
+                if (script) {
+                    // Write script to temp file and execute
+                    await sandbox.fs.writeTextFile("/tmp/sandboxer-script.sh", script);
+                    try {
+                        await sandbox.sh `bash /tmp/sandboxer-script.sh`;
+                    }
+                    catch (err) {
+                        shouldSnapshot = false;
+                        error(`Script failed: ${err}`);
+                        // Prompt user for action
+                        const action = await promptOnFailure();
+                        if (action === "shell") {
+                            info("Opening shell for debugging...");
+                            await openInteractiveShell(sandbox);
+                            // After shell, ask again
+                            const action2 = await promptOnFailure();
+                            shouldSnapshot = action2 === "save";
+                        }
+                        else {
+                            shouldSnapshot = action === "save";
+                        }
+                    }
+                }
+                else {
+                    // Interactive mode
+                    await openInteractiveShell(sandbox);
+                    shouldSnapshot = true; // User explicitly exited
+                }
+                // Explicitly kill sandbox before snapshotting
+                info("Stopping sandbox...");
+                await sandbox.kill();
+                // Wait a moment for volume to unmount
+                await new Promise(resolve => setTimeout(resolve, 2000));
+            }
+            catch (e_1) {
+                env_1.error = e_1;
+                env_1.hasError = true;
+            }
+            finally {
+                const result_1 = __disposeResources(env_1);
+                if (result_1)
+                    await result_1;
+            }
+        }
+        // Sandbox is now stopped
+        if (!shouldSnapshot) {
+            info("Discarding changes...");
+            // Clean up volume
+            try {
+                await client.volumes.delete(volumeSlug);
+            }
+            catch {
+                // Ignore
+            }
+            return;
+        }
+        // Step 4: Create snapshot (sandbox must be closed first)
+        step(4, 4, `Creating snapshot '${name}'...`);
+        await client.volumes.snapshot(volume.id, {
+            slug: name,
+        });
+        success(`Snapshot '${name}' created!`);
+        // Note: We don't delete the volume here because the snapshot
+        // depends on it (copy-on-write). The volume is now "owned" by
+        // the snapshot and will be managed by the Deno Sandbox service.
+    }
+    catch (err) {
+        error(`Failed: ${err}`);
+        // Attempt to clean up volume on error
+        try {
+            await client.volumes.delete(volumeSlug);
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+        process.exit(1);
+    }
+}
+/**
+ * Open an interactive SSH shell to the sandbox
+ */
+async function openInteractiveShell(sandbox) {
+    const ssh = await sandbox.exposeSsh();
+    info(`Connecting via SSH to ${ssh.username}@${ssh.hostname}...`);
+    console.log("(Type 'exit' when done)\n");
+    return new Promise((resolve, reject) => {
+        const sshProcess = spawn("ssh", [
+            "-o", "StrictHostKeyChecking=no",
+            "-o", "UserKnownHostsFile=/dev/null",
+            "-o", "LogLevel=ERROR",
+            "-t",
+            `${ssh.username}@${ssh.hostname}`,
+        ], {
+            stdio: "inherit",
+        });
+        sshProcess.on("close", () => {
+            console.log("");
+            resolve();
+        });
+        sshProcess.on("error", reject);
+    });
+}
+//# sourceMappingURL=evolve.js.map

package/dist/commands/evolve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evolve.js","sourceRoot":"","sources":["../../src/commands/evolve.ts"],"names":[],"mappings":"AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAC7E,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAC5F,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AActG,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAY,EAAE,OAAsB;IAC/D,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,cAAc,EAAE,CAAC;IAEpC,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAEtC,sCAAsC;IACtC,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,IAAI,mBAAmB,CAAC;IAEvD,IAAI,CAAC;QACH,0CAA0C;QAC1C,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,MAAM,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACrD,KAAK,CAAC,aAAa,IAAI,kDAAkD,CAAC,CAAC;YAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,iDAAiD;QACjD,IAAI,OAAO,CAAC,SAAS,IAAI,MAAM,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACpD,IAAI,CAAC,+BAA+B,IAAI,MAAM,CAAC,CAAC;YAChD,MAAM,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,0BAA0B;QAC1B,IAAI,MAAM,GAAkB,IAAI,CAAC;QACjC,MAAM,WAAW,GAAG,aAAa,EAAE,CAAC;QAEpC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;aAAM,IAAI,CAAC,WAAW,EAAE,CAAC;YACxB,oCAAoC;YACpC,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;QAC7B,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,wBAAwB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC;QACpG,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;YACzC,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,UAAU;SACjB,CAAC,CAAC;QACH,IAAI,CAAC,mBAAmB,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;QAErC,IAAI,cAAc,GAAG,KAAK,CAAC;QAE3B,gDAAgD;QAChD,sDAAsD;QACtD,CAAC;;;gBACC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,oBAAoB,CAAC,CAAC;gBACjC,MAAY,OAAO,kCAAG,MAAM,OAAO,CAAC,MAAM,CAAC;oBACzC,MAAM,EAAE,MAAM;oBACd,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,OAAO;oBAChB,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;iBACnD,CAAC,OAAA,CAAC;gBACH,IAAI,CAAC,kBAAkB,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;gBAErC,0BAA0B;gBAC1B,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC7C,CAAC;gBAED,2BAA2B;gBAC3B,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,8BAA8B,CAAC,CAAC;gBAE5E,cAAc,GAAG,IAAI,CAAC;gBAEtB,IAAI,MAAM,EAAE,CAAC;oBACX,wCAAwC;oBACxC,MAAM,OAAO,CAAC,EAAE,CAAC,aAAa,CAAC,0BAA0B,EAAE,MAAM,CAAC,CAAC;oBACnE,IAAI,CAAC;wBACH,MAAM,OAAO,CAAC,EAAE,CAAA,+BAA+B,CAAC;oBAClD,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,cAAc,GAAG,KAAK,CAAC;wBACvB,KAAK,CAAC,kBAAkB,GAAG,EAAE,CAAC,CAAC;wBAE/B,yBAAyB;wBACzB,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;wBACvC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;4BACvB,IAAI,CAAC,gCAAgC,CAAC,CAAC;4BACvC,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;4BACpC,yBAAyB;4BACzB,MAAM,OAAO,GAAG,MAAM,eAAe,EAAE,CAAC;4BACxC,cAAc,GAAG,OAAO,KAAK,MAAM,CAAC;wBACtC,CAAC;6BAAM,CAAC;4BACN,cAAc,GAAG,MAAM,KAAK,MAAM,CAAC;wBACrC,CAAC;oBACH,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,mBAAmB;oBACnB,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;oBACpC,cAAc,GAAG,IAAI,CAAC,CAAC,yBAAyB;gBAClD,CAAC;gBAED,8CAA8C;gBAC9C,IAAI,CAAC,qBAAqB,CAAC,CAAC;gBAC5B,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;gBAErB,sCAAsC;gBACtC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;;;;;;;;;;;SACzD;QACD,yBAAyB;QAEzB,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,IAAI,CAAC,uBAAuB,CAAC,CAAC;YAC9B,kBAAkB;YAClB,IAAI,CAAC;gBACH,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC1C,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,OAAO;QACT,CAAC;QAED,yDAAyD;QACzD,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,sBAAsB,IAAI,MAAM,CAAC,CAAC;QAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,EAAE;YACvC,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;QACH,OAAO,CAAC,aAAa,IAAI,YAAY,CAAC,CAAC;QAEvC,6DAA6D;QAC7D,8DAA8D;QAC9D,gEAAgE;IAElE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,KAAK,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC;QACxB,sCAAsC;QACtC,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,oBAAoB,CAAC,OAAgB;IAClD,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;IAEtC,IAAI,CAAC,yBAAyB,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,KAAK,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAEzC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,EAAE;YAC9B,IAAI,EAAE,0BAA0B;YAChC,IAAI,EAAE,8BAA8B;YACpC,IAAI,EAAE,gBAAgB;YACtB,IAAI;YACJ,GAAG,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,EAAE;SAClC,EAAE;YACD,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;QAEH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YAC1B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/commands/list.d.ts

@@ -0,0 +1,10 @@
+/**
+ * sandboxer list - List all snapshots
+ */
+interface ListOptions {
+    region?: string;
+    json?: boolean;
+}
+export declare function list(options: ListOptions): Promise<void>;
+export {};
+//# sourceMappingURL=list.d.ts.map

package/dist/commands/list.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list.d.ts","sourceRoot":"","sources":["../../src/commands/list.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,UAAU,WAAW;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CA6C9D"}