treebox 0.2.0__tar.gz → 0.4.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. treebox-0.4.0/.github/workflows/autofix.yml +69 -0
  2. {treebox-0.2.0 → treebox-0.4.0}/.github/workflows/ci.yml +3 -0
  3. treebox-0.4.0/.pre-commit-config.yaml +25 -0
  4. {treebox-0.2.0 → treebox-0.4.0}/CLAUDE.md +4 -2
  5. treebox-0.4.0/CONTRIBUTING.md +52 -0
  6. {treebox-0.2.0 → treebox-0.4.0}/PKG-INFO +50 -11
  7. {treebox-0.2.0 → treebox-0.4.0}/README.md +47 -10
  8. {treebox-0.2.0 → treebox-0.4.0}/docs/configuration.md +45 -3
  9. {treebox-0.2.0 → treebox-0.4.0}/docs/how-it-works.md +4 -2
  10. treebox-0.4.0/docs/index.md +209 -0
  11. {treebox-0.2.0 → treebox-0.4.0}/docs/install.md +2 -1
  12. treebox-0.4.0/docs/javascripts/treebox.js +172 -0
  13. {treebox-0.2.0 → treebox-0.4.0}/docs/stylesheets/extra.css +116 -8
  14. {treebox-0.2.0 → treebox-0.4.0}/docs/usage.md +19 -8
  15. treebox-0.4.0/hooks/copy_page.py +32 -0
  16. {treebox-0.2.0 → treebox-0.4.0}/mkdocs.yml +8 -1
  17. {treebox-0.2.0 → treebox-0.4.0}/pyproject.toml +4 -2
  18. {treebox-0.2.0 → treebox-0.4.0}/scripts/validate.sh +1 -0
  19. {treebox-0.2.0 → treebox-0.4.0}/skills/treebox/SKILL.md +3 -3
  20. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets.py +20 -2
  21. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/cli.py +111 -25
  22. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/config.py +10 -2
  23. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/git.py +10 -0
  24. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/provision.py +128 -26
  25. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/runners/base.py +6 -0
  26. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/runners/docker.py +65 -12
  27. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/runners/host.py +17 -4
  28. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/state.py +8 -0
  29. {treebox-0.2.0 → treebox-0.4.0}/tests/test_integration.py +373 -0
  30. {treebox-0.2.0 → treebox-0.4.0}/tests/test_units.py +235 -11
  31. {treebox-0.2.0 → treebox-0.4.0}/uv.lock +93 -0
  32. treebox-0.2.0/.github/workflows/auto-release.yml +0 -155
  33. treebox-0.2.0/CONTRIBUTING.md +0 -31
  34. treebox-0.2.0/docs/index.md +0 -148
  35. treebox-0.2.0/docs/javascripts/treebox.js +0 -97
  36. {treebox-0.2.0 → treebox-0.4.0}/.agents/skills/no-mistakes/SKILL.md +0 -0
  37. {treebox-0.2.0 → treebox-0.4.0}/.github/workflows/claude.yml +0 -0
  38. {treebox-0.2.0 → treebox-0.4.0}/.github/workflows/docs.yml +0 -0
  39. {treebox-0.2.0 → treebox-0.4.0}/.github/workflows/release.yml +0 -0
  40. {treebox-0.2.0 → treebox-0.4.0}/.gitignore +0 -0
  41. {treebox-0.2.0 → treebox-0.4.0}/AGENTS.md +0 -0
  42. {treebox-0.2.0 → treebox-0.4.0}/LICENSE +0 -0
  43. {treebox-0.2.0 → treebox-0.4.0}/ROADMAP.md +0 -0
  44. {treebox-0.2.0 → treebox-0.4.0}/assets/treebox-logo.png +0 -0
  45. {treebox-0.2.0 → treebox-0.4.0}/docs/agents.md +0 -0
  46. {treebox-0.2.0 → treebox-0.4.0}/docs/assets/treebox-logo.png +0 -0
  47. {treebox-0.2.0 → treebox-0.4.0}/install.sh +0 -0
  48. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/__init__.py +0 -0
  49. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/Dockerfile +0 -0
  50. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/allowed-domains.sh +0 -0
  51. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/container.json +0 -0
  52. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/firewall.json +0 -0
  53. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/init-firewall.sh +0 -0
  54. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/container/post-create.sh +0 -0
  55. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/assets/pre-push +0 -0
  56. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/ecosystems.py +0 -0
  57. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/forge.py +0 -0
  58. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/locking.py +0 -0
  59. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/models.py +0 -0
  60. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/names.py +0 -0
  61. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/output.py +0 -0
  62. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/py.typed +0 -0
  63. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/resolve.py +0 -0
  64. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/runners/__init__.py +0 -0
  65. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/status.py +0 -0
  66. {treebox-0.2.0 → treebox-0.4.0}/src/treebox/system.py +0 -0
  67. {treebox-0.2.0 → treebox-0.4.0}/tests/conftest.py +0 -0
@@ -0,0 +1,69 @@
1
+ name: Autofix
2
+
3
+ # Applies ruff's auto-fixes (`ruff check --fix` + `ruff format`) to pull requests
4
+ # and commits the result back to the PR branch. This is the CI counterpart to the
5
+ # pre-commit hooks: if a change lands unformatted (hooks skipped), the branch is
6
+ # fixed in place instead of just failing the CI gate. Skips fork PRs, where the
7
+ # workflow token cannot push, and its own commits, to avoid loops.
8
+ #
9
+ # Gotcha: pushes made with the default GITHUB_TOKEN (from actions/checkout) do
10
+ # NOT trigger new workflow runs. So the auto-fixed commit this job pushes will
11
+ # not re-run ci.yml. Two implications:
12
+ # - If branch protection REQUIRES the CI status checks, the auto-fixed SHA will
13
+ # have no reported checks and the PR will stall. The remedy is to check out
14
+ # and push using a PAT or GitHub App token stored as a repo secret (e.g.
15
+ # AUTOFIX_TOKEN) instead of GITHUB_TOKEN, so the push re-triggers CI.
16
+ # - To close the "merged with a commit CI never validated" hole regardless,
17
+ # this job re-runs the ruff + mypy checks on the fixed tree below and fails
18
+ # rather than pushing if they don't pass, so the exact pushed commit is
19
+ # validated within this run.
20
+
21
+ on:
22
+ pull_request:
23
+
24
+ concurrency:
25
+ group: autofix-${{ github.ref }}
26
+ cancel-in-progress: true
27
+
28
+ permissions:
29
+ contents: write
30
+
31
+ jobs:
32
+ autofix:
33
+ name: ruff --fix
34
+ runs-on: ubuntu-latest
35
+ if: >-
36
+ github.event.pull_request.head.repo.full_name == github.repository &&
37
+ github.actor != 'github-actions[bot]'
38
+ steps:
39
+ - uses: actions/checkout@v7
40
+ with:
41
+ ref: ${{ github.head_ref }}
42
+
43
+ - name: Install uv
44
+ uses: astral-sh/setup-uv@v8.2.0
45
+ with:
46
+ enable-cache: true
47
+
48
+ - name: ruff check --fix
49
+ run: uv run --extra dev ruff check --fix src tests
50
+
51
+ - name: ruff format
52
+ run: uv run --extra dev ruff format src tests
53
+
54
+ - name: Validate fixed tree
55
+ run: |
56
+ uv run --extra dev ruff check src tests
57
+ uv run --extra dev ruff format --check src tests
58
+ uv run --extra dev mypy
59
+
60
+ - name: Commit fixes
61
+ run: |
62
+ if git diff --quiet; then
63
+ echo "No formatting or lint fixes needed."
64
+ exit 0
65
+ fi
66
+ git config user.name "github-actions[bot]"
67
+ git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
68
+ git commit -am "style: apply ruff --fix and format"
69
+ git push
@@ -29,6 +29,9 @@ jobs:
29
29
  - name: Lint
30
30
  run: uv run -p ${{ matrix.python-version }} --extra dev ruff check src tests
31
31
 
32
+ - name: Format
33
+ run: uv run -p ${{ matrix.python-version }} --extra dev ruff format --check src tests
34
+
32
35
  - name: Type check
33
36
  run: uv run -p ${{ matrix.python-version }} --extra dev mypy
34
37
 
@@ -0,0 +1,25 @@
1
+ # Pre-commit hooks: keep every commit lint-clean, formatted, and type-checked.
2
+ # Install once with `uv run --extra dev pre-commit install` (or `pre-commit install`).
3
+ # Run against everything with `uv run --extra dev pre-commit run --all-files`.
4
+ #
5
+ # Keep the ruff rev in sync with the `ruff>=…` pin in pyproject.toml's [dev] extra.
6
+ repos:
7
+ - repo: https://github.com/astral-sh/ruff-pre-commit
8
+ rev: v0.15.20
9
+ hooks:
10
+ # Lint and auto-fix (import sorting, pyupgrade, simplify, …), then format.
11
+ - id: ruff-check
12
+ args: [--fix]
13
+ - id: ruff-format
14
+
15
+ # mypy runs from the project's own dev environment so it sees typer/questionary
16
+ # stubs and the [tool.mypy] config (files = ["src"]). pass_filenames is off
17
+ # because that config already selects the files to check.
18
+ - repo: local
19
+ hooks:
20
+ - id: mypy
21
+ name: mypy
22
+ entry: uv run --extra dev mypy
23
+ language: system
24
+ types: [python]
25
+ pass_filenames: false
@@ -19,9 +19,11 @@ template it provisions is separately pinned to CPython 3.14.6).
19
19
  uv run treebox ... # run the CLI from the working tree
20
20
  uv run --extra dev python -m pytest # full unit + integration suite
21
21
  uv run --extra dev python -m pytest tests/test_units.py::test_name # single test (or -k <pattern>)
22
- ruff check src tests # lint
22
+ uv run --extra dev ruff check src tests # lint
23
+ uv run --extra dev ruff format --check src tests # format check (drop --check to apply)
23
24
  uv run --extra dev mypy # type check (config in pyproject.toml)
24
- ./scripts/validate.sh # lint + tests + live host-runner smoke (real uv, throwaway local remote)
25
+ uv run --extra dev pre-commit install # install lint/format/type hooks (see CONTRIBUTING.md)
26
+ ./scripts/validate.sh # lint + format + tests + live host-runner smoke (real uv, throwaway local remote)
25
27
  uv pip install -e ".[dev]" # editable dev environment
26
28
  uv run --extra docs mkdocs serve # docs site (docs/ + mkdocs.yml), live-reloading
27
29
  uv run --extra docs mkdocs build --strict # build docs to site/ (gitignored)
@@ -0,0 +1,52 @@
1
+ # Contributing
2
+
3
+ treebox is a small, one-maintainer project. Contributions are welcome, but the scope is intentionally modest.
4
+
5
+ ## Good contributions
6
+
7
+ - Bug fixes with a clear reproduction.
8
+ - Documentation fixes that make install, usage, or runner behavior clearer.
9
+ - Small compatibility fixes that preserve the existing CLI and scripting behavior.
10
+
11
+ For larger feature ideas, open an issue first so we can decide whether they fit the project.
12
+
13
+ ## Local checks
14
+
15
+ Install the pre-commit hooks once so every commit is auto-formatted, lint-fixed,
16
+ and type-checked (`ruff format`, `ruff check --fix`, and `mypy`):
17
+
18
+ ```bash
19
+ uv run --extra dev pre-commit install
20
+ ```
21
+
22
+ Note: `pre-commit install` has no effect inside a treebox worktree, because
23
+ treebox sets `core.hooksPath` for its own pre-push guard, so git ignores the
24
+ hook pre-commit writes to `.git/hooks`. Run the hooks manually there with
25
+ `uv run --extra dev pre-commit run --all-files`.
26
+
27
+ If the hooks are skipped, the Autofix CI workflow applies the same `ruff --fix`
28
+ and `ruff format` to same-repo PRs and pushes the result back. Note that pushes
29
+ made with the default `GITHUB_TOKEN` do not re-trigger CI, so if this repo ever
30
+ requires the CI status checks under branch protection, the auto-fixed commit
31
+ will have no reported checks and the PR will stall; the remedy is to push from
32
+ the workflow using a PAT or GitHub App token stored as a repo secret (e.g.
33
+ `AUTOFIX_TOKEN`) instead of `GITHUB_TOKEN`.
34
+
35
+ For code changes, run the relevant checks before opening a PR:
36
+
37
+ ```bash
38
+ uv run --extra dev python -m pytest
39
+ uv run --extra dev ruff check src tests
40
+ uv run --extra dev ruff format --check src tests
41
+ uv run --extra dev mypy
42
+ ```
43
+
44
+ For docs-only changes, this is enough:
45
+
46
+ ```bash
47
+ uv run --extra docs mkdocs build --strict
48
+ ```
49
+
50
+ ## Boundaries
51
+
52
+ Please preserve the basics: fresh refs by default, no trust in target-repo sandbox config, stable CLI output for scripts, and subscription-based agent auth.
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: treebox
3
- Version: 0.2.0
3
+ Version: 0.4.0
4
4
  Summary: Isolated, ready-to-run git worktrees for AI coding agents — host-native or docker-sandboxed.
5
5
  Project-URL: Homepage, https://github.com/Seth-Peters/treebox
6
6
  Project-URL: Documentation, https://seth-peters.github.io/treebox/
@@ -23,9 +23,11 @@ Classifier: Programming Language :: Python :: 3.14
23
23
  Classifier: Topic :: Software Development :: Version Control :: Git
24
24
  Requires-Python: >=3.11
25
25
  Requires-Dist: questionary<3,>=2
26
+ Requires-Dist: rich<16,>=13
26
27
  Requires-Dist: typer<1.0,>=0.12
27
28
  Provides-Extra: dev
28
29
  Requires-Dist: mypy>=1.14; extra == 'dev'
30
+ Requires-Dist: pre-commit>=4; extra == 'dev'
29
31
  Requires-Dist: pytest-cov>=6; extra == 'dev'
30
32
  Requires-Dist: pytest>=8; extra == 'dev'
31
33
  Requires-Dist: ruff>=0.15; extra == 'dev'
@@ -48,6 +50,7 @@ Description-Content-Type: text/markdown
48
50
  <a href="https://seth-peters.github.io/treebox/"><img src="https://img.shields.io/badge/docs-seth--peters.github.io%2Ftreebox-2f6f4f" alt="Documentation"></a>
49
51
  <img src="https://img.shields.io/badge/python-3.11%2B-3776ab" alt="Python 3.11+">
50
52
  <a href="LICENSE"><img src="https://img.shields.io/badge/license-PolyForm%20Noncommercial-2f6f4f" alt="PolyForm Noncommercial License"></a>
53
+ <a href="https://www.linkedin.com/in/seth-peters/"><img src="https://img.shields.io/badge/LinkedIn-Seth%20Peters-0a66c2?logo=linkedin&logoColor=white" alt="Seth Peters on LinkedIn"></a>
51
54
  </p>
52
55
 
53
56
  <p align="center">
@@ -55,7 +58,7 @@ Description-Content-Type: text/markdown
55
58
  <a href="https://seth-peters.github.io/treebox/install/">Install</a> ·
56
59
  <a href="https://seth-peters.github.io/treebox/usage/">Usage</a> ·
57
60
  <a href="https://seth-peters.github.io/treebox/how-it-works/">How it works</a> ·
58
- <a href="https://github.com/Seth-Peters">Seth Peters</a>
61
+ <a href="https://www.linkedin.com/in/seth-peters/">Seth Peters</a>
59
62
  </p>
60
63
 
61
64
  ---
@@ -68,7 +71,7 @@ un-pushable `treebox/<name>` placeholder branch the agent renames when the
68
71
  work takes shape. Agents work the same repo in parallel without collisions —
69
72
  on a laptop or over plain SSH.
70
73
 
71
- Built by [Seth Peters](https://github.com/Seth-Peters) as a small, operator-focused layer for AI agent infrastructure: git worktrees, sandbox boundaries, subscription auth, and repeatable developer environments. If that is the kind of problem you are solving, the [docs](https://seth-peters.github.io/treebox/) go deeper on the design tradeoffs.
74
+ Built by [Seth Peters](https://www.linkedin.com/in/seth-peters/) as a small, operator-focused layer for AI agent infrastructure: git worktrees, sandbox boundaries, subscription auth, and repeatable developer environments. If that is the kind of problem you are solving, the [docs](https://seth-peters.github.io/treebox/) go deeper on the design tradeoffs — and I'm [on LinkedIn](https://www.linkedin.com/in/seth-peters/) if you want to compare notes.
72
75
 
73
76
  Provisioning is identical everywhere; a pluggable **isolation mode** decides
74
77
  where the agent runs:
@@ -148,7 +151,7 @@ the branch starts as a `treebox/<name>` placeholder that a per-worktree
148
151
  pre-push guard keeps **un-pushable** — rename it conventionally
149
152
  (`git branch -m feature/user-auth`, `fix/login-race`, `chore/bump-deps`, …)
150
153
  when the work has a shape, then push. So a machine-generated name can never
151
- become a PR title. `-b` is the one path that skips the placeholder: it checks out an
154
+ become a PR title. `--checkout` is the one path that skips the placeholder: it checks out an
152
155
  existing branch exactly.
153
156
 
154
157
  `--base` takes any branch, not just `main` — branch off `dev`, or stack a new
@@ -156,10 +159,11 @@ worktree on top of an existing PR's branch, even while that branch is checked
156
159
  out in another worktree. It resolves as the freshly fetched `origin/<base>`,
157
160
  so push the base first if its latest commits only exist locally.
158
161
 
159
- **Enter.** Come back to an existing worktree, picking the agent per entry.
160
- The ref is the name, the *current* branch (renames are followed live), or a
161
- unique substring of either. Dependencies re-sync only if the lockfile changed
162
- since last time:
162
+ **Enter.** Come back to an existing worktree. By default it reuses the harness
163
+ the worktree was created with; an explicit `--harness` overrides it for that
164
+ session only, without changing what's recorded on disk. The ref is the name,
165
+ the *current* branch (renames are followed live), or a unique substring of
166
+ either. Dependencies re-sync only if the lockfile changed since last time:
163
167
 
164
168
  ```bash
165
169
  treebox enter fix-auth --harness claude
@@ -206,8 +210,9 @@ conflict). Full reference in the
206
210
  hooks are ignored.
207
211
  - **Credentials go in as scoped copies.** Only the agents' login files are
208
212
  copied into a throwaway per-worktree dir — never the live `~/.claude` /
209
- `~/.codex` — and treebox uses your subscription login, never
210
- `ANTHROPIC_API_KEY`.
213
+ `~/.codex` — refreshed on every entry so a host logout or a fresh login
214
+ reaches the sandbox next time, and treebox uses your subscription login,
215
+ never `ANTHROPIC_API_KEY`.
211
216
 
212
217
  More in [how it works](https://seth-peters.github.io/treebox/how-it-works/).
213
218
 
@@ -226,13 +231,47 @@ All keys, shared-cache overrides, setup hooks, and sandbox templates are
226
231
  covered in the
227
232
  [configuration guide](https://seth-peters.github.io/treebox/configuration/).
228
233
 
234
+ ## Customizing isolation
235
+
236
+ `docker` isolation is defined by an **operator-owned template** — a
237
+ `Dockerfile` + `container.json` you copy out and edit, kept beside the worktree
238
+ so a boxed agent can't touch its own cage. The shipped image bundles Node 22,
239
+ uv, `gh`, ripgrep, and the agent CLIs, so a Node project often needs no image
240
+ change. For a genuinely separate, non-Python box, copy the template and edit
241
+ two things — global tooling in the `Dockerfile`, and `postCreate` to install
242
+ your repo's deps (in docker, setup runs `postCreate`, not the host-mode
243
+ ecosystem auto-detect):
244
+
245
+ ```bash
246
+ cp -R "$(python -c 'import treebox.assets, pathlib; print(pathlib.Path(treebox.assets.__file__).parent)')/container" \
247
+ ~/.config/treebox/templates/node
248
+ ```
249
+
250
+ ```dockerfile
251
+ # ~/.config/treebox/templates/node/Dockerfile — Node 22 is already baked in
252
+ USER root
253
+ RUN npm install -g pnpm@9 typescript tsx
254
+ USER ${USERNAME}
255
+ ```
256
+
257
+ ```json
258
+ // ~/.config/treebox/templates/node/container.json
259
+ "postCreate": "if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile; elif [ -f package-lock.json ]; then npm ci; else npm install; fi"
260
+ ```
261
+
262
+ Then select it per run (`--isolation docker --template node`) or set
263
+ `template = "node"` in your config — a `node` box and a `python` box coexist,
264
+ one per stack. Full walkthrough in the
265
+ [configuration guide](https://seth-peters.github.io/treebox/configuration/#worked-example-a-node-sandbox-not-python).
266
+
229
267
  ## Development
230
268
 
231
269
  ```bash
232
270
  git clone https://github.com/Seth-Peters/treebox && cd treebox
233
271
  uv run treebox ... # run the CLI from the working tree
272
+ uv run --extra dev pre-commit install # lint/format/type hooks (see CONTRIBUTING.md)
234
273
  uv run --extra dev python -m pytest # unit + integration suite
235
- ./scripts/validate.sh # lint + tests + live host-runner smoke
274
+ ./scripts/validate.sh # lint + format + tests + live host-runner smoke
236
275
  ```
237
276
 
238
277
  ## Contributing
@@ -13,6 +13,7 @@
13
13
  <a href="https://seth-peters.github.io/treebox/"><img src="https://img.shields.io/badge/docs-seth--peters.github.io%2Ftreebox-2f6f4f" alt="Documentation"></a>
14
14
  <img src="https://img.shields.io/badge/python-3.11%2B-3776ab" alt="Python 3.11+">
15
15
  <a href="LICENSE"><img src="https://img.shields.io/badge/license-PolyForm%20Noncommercial-2f6f4f" alt="PolyForm Noncommercial License"></a>
16
+ <a href="https://www.linkedin.com/in/seth-peters/"><img src="https://img.shields.io/badge/LinkedIn-Seth%20Peters-0a66c2?logo=linkedin&logoColor=white" alt="Seth Peters on LinkedIn"></a>
16
17
  </p>
17
18
 
18
19
  <p align="center">
@@ -20,7 +21,7 @@
20
21
  <a href="https://seth-peters.github.io/treebox/install/">Install</a> ·
21
22
  <a href="https://seth-peters.github.io/treebox/usage/">Usage</a> ·
22
23
  <a href="https://seth-peters.github.io/treebox/how-it-works/">How it works</a> ·
23
- <a href="https://github.com/Seth-Peters">Seth Peters</a>
24
+ <a href="https://www.linkedin.com/in/seth-peters/">Seth Peters</a>
24
25
  </p>
25
26
 
26
27
  ---
@@ -33,7 +34,7 @@ un-pushable `treebox/<name>` placeholder branch the agent renames when the
33
34
  work takes shape. Agents work the same repo in parallel without collisions —
34
35
  on a laptop or over plain SSH.
35
36
 
36
- Built by [Seth Peters](https://github.com/Seth-Peters) as a small, operator-focused layer for AI agent infrastructure: git worktrees, sandbox boundaries, subscription auth, and repeatable developer environments. If that is the kind of problem you are solving, the [docs](https://seth-peters.github.io/treebox/) go deeper on the design tradeoffs.
37
+ Built by [Seth Peters](https://www.linkedin.com/in/seth-peters/) as a small, operator-focused layer for AI agent infrastructure: git worktrees, sandbox boundaries, subscription auth, and repeatable developer environments. If that is the kind of problem you are solving, the [docs](https://seth-peters.github.io/treebox/) go deeper on the design tradeoffs — and I'm [on LinkedIn](https://www.linkedin.com/in/seth-peters/) if you want to compare notes.
37
38
 
38
39
  Provisioning is identical everywhere; a pluggable **isolation mode** decides
39
40
  where the agent runs:
@@ -113,7 +114,7 @@ the branch starts as a `treebox/<name>` placeholder that a per-worktree
113
114
  pre-push guard keeps **un-pushable** — rename it conventionally
114
115
  (`git branch -m feature/user-auth`, `fix/login-race`, `chore/bump-deps`, …)
115
116
  when the work has a shape, then push. So a machine-generated name can never
116
- become a PR title. `-b` is the one path that skips the placeholder: it checks out an
117
+ become a PR title. `--checkout` is the one path that skips the placeholder: it checks out an
117
118
  existing branch exactly.
118
119
 
119
120
  `--base` takes any branch, not just `main` — branch off `dev`, or stack a new
@@ -121,10 +122,11 @@ worktree on top of an existing PR's branch, even while that branch is checked
121
122
  out in another worktree. It resolves as the freshly fetched `origin/<base>`,
122
123
  so push the base first if its latest commits only exist locally.
123
124
 
124
- **Enter.** Come back to an existing worktree, picking the agent per entry.
125
- The ref is the name, the *current* branch (renames are followed live), or a
126
- unique substring of either. Dependencies re-sync only if the lockfile changed
127
- since last time:
125
+ **Enter.** Come back to an existing worktree. By default it reuses the harness
126
+ the worktree was created with; an explicit `--harness` overrides it for that
127
+ session only, without changing what's recorded on disk. The ref is the name,
128
+ the *current* branch (renames are followed live), or a unique substring of
129
+ either. Dependencies re-sync only if the lockfile changed since last time:
128
130
 
129
131
  ```bash
130
132
  treebox enter fix-auth --harness claude
@@ -171,8 +173,9 @@ conflict). Full reference in the
171
173
  hooks are ignored.
172
174
  - **Credentials go in as scoped copies.** Only the agents' login files are
173
175
  copied into a throwaway per-worktree dir — never the live `~/.claude` /
174
- `~/.codex` — and treebox uses your subscription login, never
175
- `ANTHROPIC_API_KEY`.
176
+ `~/.codex` — refreshed on every entry so a host logout or a fresh login
177
+ reaches the sandbox next time, and treebox uses your subscription login,
178
+ never `ANTHROPIC_API_KEY`.
176
179
 
177
180
  More in [how it works](https://seth-peters.github.io/treebox/how-it-works/).
178
181
 
@@ -191,13 +194,47 @@ All keys, shared-cache overrides, setup hooks, and sandbox templates are
191
194
  covered in the
192
195
  [configuration guide](https://seth-peters.github.io/treebox/configuration/).
193
196
 
197
+ ## Customizing isolation
198
+
199
+ `docker` isolation is defined by an **operator-owned template** — a
200
+ `Dockerfile` + `container.json` you copy out and edit, kept beside the worktree
201
+ so a boxed agent can't touch its own cage. The shipped image bundles Node 22,
202
+ uv, `gh`, ripgrep, and the agent CLIs, so a Node project often needs no image
203
+ change. For a genuinely separate, non-Python box, copy the template and edit
204
+ two things — global tooling in the `Dockerfile`, and `postCreate` to install
205
+ your repo's deps (in docker, setup runs `postCreate`, not the host-mode
206
+ ecosystem auto-detect):
207
+
208
+ ```bash
209
+ cp -R "$(python -c 'import treebox.assets, pathlib; print(pathlib.Path(treebox.assets.__file__).parent)')/container" \
210
+ ~/.config/treebox/templates/node
211
+ ```
212
+
213
+ ```dockerfile
214
+ # ~/.config/treebox/templates/node/Dockerfile — Node 22 is already baked in
215
+ USER root
216
+ RUN npm install -g pnpm@9 typescript tsx
217
+ USER ${USERNAME}
218
+ ```
219
+
220
+ ```json
221
+ // ~/.config/treebox/templates/node/container.json
222
+ "postCreate": "if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile; elif [ -f package-lock.json ]; then npm ci; else npm install; fi"
223
+ ```
224
+
225
+ Then select it per run (`--isolation docker --template node`) or set
226
+ `template = "node"` in your config — a `node` box and a `python` box coexist,
227
+ one per stack. Full walkthrough in the
228
+ [configuration guide](https://seth-peters.github.io/treebox/configuration/#worked-example-a-node-sandbox-not-python).
229
+
194
230
  ## Development
195
231
 
196
232
  ```bash
197
233
  git clone https://github.com/Seth-Peters/treebox && cd treebox
198
234
  uv run treebox ... # run the CLI from the working tree
235
+ uv run --extra dev pre-commit install # lint/format/type hooks (see CONTRIBUTING.md)
199
236
  uv run --extra dev python -m pytest # unit + integration suite
200
- ./scripts/validate.sh # lint + tests + live host-runner smoke
237
+ ./scripts/validate.sh # lint + format + tests + live host-runner smoke
201
238
  ```
202
239
 
203
240
  ## Contributing
@@ -40,7 +40,7 @@ command-line flag > config.toml > built-in default
40
40
  | Key | Default | What it controls |
41
41
  | ---------- | -------------------- | --------------------------------------------------------- |
42
42
  | `isolation`| `host` | Where agents run: the worktree shell, or a docker sandbox. |
43
- | `harness` | `claude` | Which agent `create`/`enter` launch by default. |
43
+ | `harness` | `claude` | Which agent `create` launches by default; `enter` reuses the harness the worktree was created with unless `--harness` overrides it. |
44
44
  | `base` | `main` | Base branch for new branches (resolved as `origin/<base>`). |
45
45
  | `root` | `.treebox/worktrees` | Where worktree directories are created, relative to the repo. |
46
46
  | `env_file` | `.env` | The secrets file copied into every new worktree. |
@@ -66,7 +66,9 @@ cp -R "$(python -c 'import treebox.assets, pathlib; print(pathlib.Path(treebox.a
66
66
  syntax, with `${workspaceName}` substituted per worktree), and `runArgs` feed
67
67
  `docker run`; `postCreate` is the setup command exec'd in the workspace after
68
68
  the container starts. The firewall overlay in `firewall.json` deep-merges on
69
- top when `--firewall` is set.
69
+ top when the firewall is enabled (`firewall = true` in the config, or
70
+ `--firewall` per run; `--no-firewall` opts a single run out of a config
71
+ default).
70
72
 
71
73
  Templates in `~/.config/treebox/templates/<name>` are picked by the
72
74
  `template` config key or per-invocation with `--template <name>`. The
@@ -75,11 +77,51 @@ mount — so a sandboxed agent can't edit it. Any container config in the
75
77
  target repo itself is deliberately ignored; see
76
78
  [how it works](how-it-works.md#the-sandbox-config-lives-outside-the-box).
77
79
 
80
+ ### Worked example: a Node sandbox, not Python
81
+
82
+ Say your project is Node and you want a box with nothing to do with the
83
+ default Python one. Keep a separate named template and select it per run —
84
+ a `node` box and a `python` box coexist, one per stack. Copy the template out:
85
+
86
+ ```bash
87
+ cp -R "$(python -c 'import treebox.assets, pathlib; print(pathlib.Path(treebox.assets.__file__).parent)')/container" \
88
+ ~/.config/treebox/templates/node
89
+ ```
90
+
91
+ The shipped image already bundles Node 22 (plus uv, `gh`, ripgrep, and the
92
+ agent CLIs), so a Node project often needs no image change at all. Add any
93
+ **global** tooling to `~/.config/treebox/templates/node/Dockerfile`:
94
+
95
+ ```dockerfile
96
+ USER root
97
+ RUN npm install -g pnpm@9 typescript tsx
98
+ USER ${USERNAME}
99
+ ```
100
+
101
+ Then the one docker-specific step: point `postCreate` in `container.json` at
102
+ your project's install command. In docker isolation, dependency setup is
103
+ driven by the template's `postCreate` — not the host-mode ecosystem
104
+ auto-detect — so a non-Python project must wire its own install here (the
105
+ npm/pnpm cache is mounted, so it stays warm across worktrees):
106
+
107
+ ```json
108
+ "postCreate": "if [ -f pnpm-lock.yaml ]; then pnpm install --frozen-lockfile; elif [ -f package-lock.json ]; then npm ci; else npm install; fi"
109
+ ```
110
+
111
+ Now provision with it, per-invocation or as your default (`template = "node"`):
112
+
113
+ ```bash
114
+ treebox create my-feature --isolation docker --template node
115
+ ```
116
+
117
+ First run builds your image (cached after that), provisions the worktree, runs
118
+ `postCreate` to install deps, and launches the agent inside.
119
+
78
120
  ## Environment variables
79
121
 
80
122
  | Variable | Effect |
81
123
  | ----------------- | ------------------------------------------------------------- |
82
- | `TREEBOX_CONFIG` | Explicit path to the config file (overrides the XDG lookup). |
124
+ | `TREEBOX_CONFIG` | Explicit path to the config file (overrides the XDG lookup). Setting it asserts the file exists — a missing file here is a loud error (exit `2`), not a silent fall-back to defaults. |
83
125
  | `XDG_CONFIG_HOME` | Standard XDG base for `treebox/config.toml` and templates. |
84
126
  | `XDG_CACHE_HOME` | Standard XDG base for the shared package caches treebox mounts. |
85
127
 
@@ -104,5 +104,7 @@ treebox assumes the caller is often another program:
104
104
  - **`--json` with a `schemaVersion`** that only gains fields within a version
105
105
  (git-porcelain discipline), plus `--print` and `--dry-run` for scripts that
106
106
  want the commands, not the side effects.
107
- - **Per-worktree locking**, so two concurrent `create fix-auth` calls
108
- conflict cleanly (`5`) instead of corrupting a worktree.
107
+ - **Per-worktree locking**, held by `create`, `enter`, and `teardown` alike,
108
+ so racing operations on one name — two `create fix-auth` calls, or a
109
+ `teardown fix-auth` against a concurrent provision — conflict cleanly (`5`)
110
+ instead of corrupting or half-removing a worktree.