diff --git a/crates/openshell-sandbox/src/l7/rest.rs b/crates/openshell-sandbox/src/l7/rest.rs index 47588a416..19acdbf32 100644 --- a/crates/openshell-sandbox/src/l7/rest.rs +++ b/crates/openshell-sandbox/src/l7/rest.rs @@ -234,8 +234,6 @@ fn rewrite_request_line_target( Ok(out) } -// Used only in tests; kept as a `pub(crate)` helper for clarity. -#[allow(dead_code)] pub(crate) fn parse_target_query(target: &str) -> Result<(String, HashMap>)> { match target.split_once('?') { Some((path, query)) => Ok((path.to_string(), parse_query_params(query)?)), @@ -697,28 +695,6 @@ fn find_crlf(buf: &[u8], start: usize) -> Option { .map(|offset| start + offset) } -/// Read and relay a full HTTP response (headers + body) from upstream to client. -/// -/// Returns a [`RelayOutcome`] indicating whether the connection is reusable, -/// consumed, or has been upgraded (101 Switching Protocols). -/// -/// Note: callers that receive `Upgraded` are responsible for switching to -/// raw bidirectional relay and forwarding the overflow bytes. -// Public helper retained as part of the relay API surface; internal callers -// currently use `relay_response` directly. -#[allow(dead_code)] -pub(crate) async fn relay_response_to_client( - upstream: &mut U, - client: &mut C, - request_method: &str, -) -> Result -where - U: AsyncRead + Unpin, - C: AsyncWrite + Unpin, -{ - relay_response(request_method, upstream, client).await -} - async fn relay_response( request_method: &str, upstream: &mut U, diff --git a/docs/get-started/tutorials/first-network-policy.mdx b/docs/get-started/tutorials/first-network-policy.mdx index d3d5a416e..7148a05db 100644 --- a/docs/get-started/tutorials/first-network-policy.mdx +++ b/docs/get-started/tutorials/first-network-policy.mdx @@ -218,4 +218,4 @@ bash examples/sandbox-policy-quickstart/demo.sh ## Next Steps -- To walk through a full policy iteration with Claude Code, including diagnosing denials and applying fixes from outside the sandbox, refer to [Github Sandbox](/tutorials/github-sandbox). +- To walk through a full policy iteration with Claude Code, including diagnosing denials and applying fixes from outside the sandbox, refer to [GitHub Sandbox](/tutorials/github-sandbox). diff --git a/docs/get-started/tutorials/github-sandbox.mdx b/docs/get-started/tutorials/github-sandbox.mdx index ee3e16759..8f80a56dd 100644 --- a/docs/get-started/tutorials/github-sandbox.mdx +++ b/docs/get-started/tutorials/github-sandbox.mdx @@ -348,4 +348,4 @@ The following resources cover related topics in greater depth: - To add per-repository access levels (read-write vs read-only) or restrict to specific API methods, refer to the [Policy Schema Reference](/reference/policy-schema). - To learn the full policy iteration workflow (pull, edit, push, verify), refer to [Policies](/sandboxes/policies). -- To inject credentials automatically instead of pasting tokens, refer to [Manage Providers](/sandboxes/manage-providers +- To inject credentials automatically instead of pasting tokens, refer to [Manage Providers](/sandboxes/manage-providers) diff --git a/docs/sandboxes/manage-providers.mdx b/docs/sandboxes/manage-providers.mdx index fbfc4d380..5f95d2f07 100644 --- a/docs/sandboxes/manage-providers.mdx +++ b/docs/sandboxes/manage-providers.mdx @@ -156,7 +156,7 @@ The following provider types are supported. | `claude` | `ANTHROPIC_API_KEY`, `CLAUDE_API_KEY` | Claude Code, Anthropic API | | `codex` | `OPENAI_API_KEY` | OpenAI Codex | | `generic` | User-defined | Any service with custom credentials | -| `github` | `GITHUB_TOKEN`, `GH_TOKEN` | GitHub API, `gh` CLI — refer to [Github Sandbox](/tutorials/github-sandbox) | +| `github` | `GITHUB_TOKEN`, `GH_TOKEN` | GitHub API, `gh` CLI — refer to [GitHub Sandbox](/tutorials/github-sandbox) | | `gitlab` | `GITLAB_TOKEN`, `GLAB_TOKEN`, `CI_JOB_TOKEN` | GitLab API, `glab` CLI | | `nvidia` | `NVIDIA_API_KEY` | NVIDIA API Catalog | | `openai` | `OPENAI_API_KEY` | Any OpenAI-compatible endpoint. Set `--config OPENAI_BASE_URL` to point to the provider. Refer to [Configure](/inference/configure). | diff --git a/docs/sandboxes/manage-sandboxes.mdx b/docs/sandboxes/manage-sandboxes.mdx index 4b83fb4bb..c7397204a 100644 --- a/docs/sandboxes/manage-sandboxes.mdx +++ b/docs/sandboxes/manage-sandboxes.mdx @@ -235,7 +235,7 @@ openshell sandbox delete my-sandbox ## Next Steps -- To follow a complete end-to-end example, refer to the [Github Sandbox](/tutorials/github-sandbox) tutorial. +- To follow a complete end-to-end example, refer to the [GitHub Sandbox](/tutorials/github-sandbox) tutorial. - To supply API keys or tokens, refer to [Manage Providers](/sandboxes/manage-providers). - To control what the agent can access, refer to [Policies](/sandboxes/policies). - To use a pre-built environment, refer to the [Community Sandboxes](/sandboxes/community-sandboxes) catalog. diff --git a/docs/sandboxes/policies.mdx b/docs/sandboxes/policies.mdx index 19502d71f..12392f5f2 100644 --- a/docs/sandboxes/policies.mdx +++ b/docs/sandboxes/policies.mdx @@ -454,7 +454,7 @@ Endpoints without `protocol` use TCP passthrough, where the proxy allows the str Allow Claude and the GitHub CLI to reach `api.github.com` with per-path rules: read-only (GET, HEAD, OPTIONS) and GraphQL (POST) for all paths; full write access for `alpha-repo`; and create/edit issues only for `bravo-repo`. Replace `` with your GitHub org or username. -For an end-to-end walkthrough that combines this policy with a GitHub credential provider and sandbox creation, refer to [Github Sandbox](/tutorials/github-sandbox). +For an end-to-end walkthrough that combines this policy with a GitHub credential provider and sandbox creation, refer to [GitHub Sandbox](/tutorials/github-sandbox).