Skip to content

feat: mxc-sdk lib crate #524

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
caarlos0 wants to merge 125 commits into from
+0 βˆ’0
Closed

feat: mxc-sdk lib crate #524

Changes from all commits
Commits
Show all changes
125 commits
Select commit Hold shift + click to select a range
9fee9b0
feat(mxc): add importable library crate for starting sandboxes
caarlos0 Jun 11, 2026
2610992
feat(mxc): add handle-based spawn for live stdio and kill
caarlos0 Jun 11, 2026
1a98ee0
fix(seatbelt): report ProcessExited and stop getcwd stderr leak
caarlos0 Jun 11, 2026
0987176
feat(mxc): Windows AppContainer streaming spawn (handle-based)
caarlos0 Jun 11, 2026
a259734
feat(mxc): Windows BaseContainer streaming spawn (handle-based)
caarlos0 Jun 11, 2026
ef7c507
feat(mxc): clear error on unsupported host OS
caarlos0 Jun 11, 2026
776f103
feat(mxc): expose process id and make kill() a process-tree kill
caarlos0 Jun 11, 2026
c96648b
feat(mxc): streaming spawn for the Bubblewrap backend
caarlos0 Jun 11, 2026
ccea5cd
refactor(seatbelt): dedupe spawn-error message
caarlos0 Jun 12, 2026
45fd2b7
feat(mxc): port SDK config-building helpers into the crate
caarlos0 Jun 12, 2026
d905a6b
fix(mxc): don't close the BaseContainer process handle during job ass…
caarlos0 Jun 12, 2026
7801d72
fix(mxc): tree-kill on AppContainer timeout so scriptTimeout is enforced
caarlos0 Jun 12, 2026
191bc49
docs(mxc): correct the Windows streaming fallback comment
caarlos0 Jun 12, 2026
4c859b8
fix(seatbelt): group-kill on streaming timeout to reap descendants
caarlos0 Jun 12, 2026
5bf9578
fix(mxc): terminate and reap the child before network/policy teardown…
caarlos0 Jun 12, 2026
55bd704
fix(mxc): use correct clipboard wire values in build_request
caarlos0 Jun 12, 2026
e50599f
fix(mxc): resolve policy paths lexically so the system-critical filte…
caarlos0 Jun 12, 2026
912780b
docs(mxc): document the SandboxProcess pipe-deadlock contract
caarlos0 Jun 12, 2026
efaee61
refactor(mxc): address low-severity review items
caarlos0 Jun 12, 2026
d2df21f
test(mxc): cover the gaps that let review items #1/#2 slip through
caarlos0 Jun 12, 2026
fecf167
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 12, 2026
20dc3d5
refactor(mxc): drop LXC from the library crate
caarlos0 Jun 12, 2026
6ce7304
fix(mxc): address PR review feedback on timeouts and dispatch warnings
caarlos0 Jun 12, 2026
d8446cb
fix(mxc): reject empty policy version in build_request
caarlos0 Jun 12, 2026
9a79212
fix(mxc): deserialize SDK proxy union shape in ProxySpec
caarlos0 Jun 12, 2026
42dc281
test(mxc): harden streaming/sdk-helper test probes
caarlos0 Jun 12, 2026
9bd53cd
fix(mxc): bounded, lossy, non-blocking output capture
caarlos0 Jun 12, 2026
326c986
fix(seatbelt): never inherit the host environment
caarlos0 Jun 12, 2026
8fe7f53
fix(seatbelt): add Drop to SeatbeltSandboxProcess
caarlos0 Jun 12, 2026
53f2a27
fix(mxc): kill+reap+join on the streaming wait() I/O-error branch
caarlos0 Jun 12, 2026
9a584c5
fix(mxc): preserve BackendUnavailable on the streaming spawn path
caarlos0 Jun 12, 2026
6b4cc2f
fix(mxc): correct Windows system-critical-path matching
caarlos0 Jun 12, 2026
839b2e4
fix(mxc): report timeouts uniformly across backends
caarlos0 Jun 12, 2026
290b030
fix(seatbelt): group-kill on the capture-path timeout so it can't hang
caarlos0 Jun 12, 2026
88abfa1
fix(bubblewrap): group-kill on the run-to-completion timeout
caarlos0 Jun 12, 2026
9d34b98
chore: simplify
caarlos0 Jun 12, 2026
3a5f146
fix(mxc): always SIGKILL-sweep the group on tree-kill
caarlos0 Jun 12, 2026
9fc5171
fix(seatbelt): label the CLI/pty timeout as FailurePhase::Timeout
caarlos0 Jun 12, 2026
1358ba2
refactor(mxc): trim the public API to what consumers use
caarlos0 Jun 12, 2026
9718c8e
refactor(seatbelt): extract timeout_response helper
caarlos0 Jun 12, 2026
7875735
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 12, 2026
6c9de63
fix(appcontainer): return WxcError from the release-build learning-mo…
caarlos0 Jun 12, 2026
64b42c7
chore: declare MIT license on all workspace crates
caarlos0 Jun 12, 2026
db6402c
refactor(mxc): remove the run-to-completion API
caarlos0 Jun 12, 2026
be09bc7
docs(mxc): fix stale capture_output comments after run-to-completion …
caarlos0 Jun 12, 2026
8dfdf58
refactor(mxc): remove the redundant capture_output flag
caarlos0 Jun 12, 2026
c0330df
chore: simplify
caarlos0 Jun 12, 2026
4adc889
refactor(mxc): narrow streaming wait() to the exit code
caarlos0 Jun 12, 2026
ea12965
refactor(mxc): restore read_from_pipe to its main version
caarlos0 Jun 12, 2026
a0bd9f4
refactor(mxc): make the crate purely additive (drop select_runner)
caarlos0 Jun 12, 2026
4106943
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 12, 2026
a745649
chore: sync Cargo.lock to workspace version 0.7.0
caarlos0 Jun 12, 2026
5389f36
refactor(mxc): drop dead #[allow(unused_variables)] on spawn_runner
caarlos0 Jun 12, 2026
71a367e
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 15, 2026
93ec0b2
chore: fix comments
caarlos0 Jun 15, 2026
13afe9d
refactor(mxc): dedup streaming SandboxProcess helpers, drop dead code
caarlos0 Jun 15, 2026
cde5bdf
refactor(appcontainer): collapse the vestigial capture/stream flag
caarlos0 Jun 15, 2026
2af3920
refactor: unify Seatbelt + Bubblewrap on one spawn(StdioMode) API
caarlos0 Jun 15, 2026
82e9ec2
refactor: unify Windows ProcessContainer on spawn(StdioMode); drop St…
caarlos0 Jun 15, 2026
e6abec5
refactor: rename RtcRunner to Runner
caarlos0 Jun 15, 2026
8c13184
test(mxc): cover the seatbelt guiAccess streaming rejection
caarlos0 Jun 15, 2026
54f92bd
fix(lxc): gate Runner import behind cfg(target_os = "linux")
caarlos0 Jun 15, 2026
97a84d0
style(lxc): sort the cfg-gated Runner import
caarlos0 Jun 15, 2026
2db6d05
refactor(seatbelt): drop the now-unused mxc_pty dependency
caarlos0 Jun 15, 2026
4b1681a
docs: sync copilot-instructions to the unified SandboxBackend model
caarlos0 Jun 15, 2026
8c51b1f
refactor(mxc): drop unused public API surface
caarlos0 Jun 15, 2026
f391507
chore: simplify
caarlos0 Jun 16, 2026
046385b
refactor(mxc): take a typed Config instead of a JSON string
caarlos0 Jun 16, 2026
b4fa048
refactor(mxc): collapse to a single spawn_sandbox(ExecutionRequest) e…
caarlos0 Jun 16, 2026
0ab9245
refactor(appcontainer): dedup proxy-var injection and unexpose a helper
caarlos0 Jun 16, 2026
a7d9962
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 18, 2026
b997798
feat(mxc): add stdout/stderr close affordance to streamed sandboxes
caarlos0 Jun 18, 2026
73387bb
fix(mxc): harden streaming stdout/stderr read cancellation
caarlos0 Jun 18, 2026
1d83456
fix(mxc): reject network.proxy.builtinTestServer:false
caarlos0 Jun 18, 2026
d8b1bb8
chore: simplify
caarlos0 Jun 18, 2026
ad72629
fix(wxc_common): harden process-group kill and pipe stream primitives
caarlos0 Jun 19, 2026
9d1f91a
fix(seatbelt): orphan-free spawn, inherit tree-kill, small timeouts, …
caarlos0 Jun 19, 2026
08ec195
fix(bubblewrap): scope process_group to Pipes mode; tighten timeout poll
caarlos0 Jun 19, 2026
c1798f4
fix(mxc): reject conflicting proxy modes; drop build_request round-trip
caarlos0 Jun 19, 2026
32ada5d
refactor(mxc): private Runner field; idiomatic rustdoc example
caarlos0 Jun 19, 2026
44abe8c
docs: sync Seatbelt env/cwd behavior and the streaming-mechanism notes
caarlos0 Jun 19, 2026
d237530
fix(appcontainer): tree-kill before teardown on the wait() success path
caarlos0 Jun 19, 2026
5a1f947
fix(appcontainer): fail closed when BaseContainer job assignment fails
caarlos0 Jun 19, 2026
94ef6d1
fix(mxc): scope the PowerShell read-only grant to what pwsh needs
caarlos0 Jun 19, 2026
5287c60
fix(appcontainer): make firewall COM apartment-self-contained
caarlos0 Jun 19, 2026
123d8db
test(e2e): characterize executor run-to-completion behavior
Jun 19, 2026
039694b
Merge branch 'main' into mxc-crate
caarlos0 Jun 22, 2026
b053747
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 22, 2026
f8122a8
Merge executor characterization tests (microsoft/mxc#540) into mxc-crate
caarlos0 Jun 22, 2026
ab4b41c
fix(seatbelt): hard-kill the process group on timeout
caarlos0 Jun 22, 2026
0e94f26
test(e2e): align merged Seatbelt characterization with mxc-crate beha…
caarlos0 Jun 22, 2026
c633932
fix(sandbox): kill the process group with a single leader-first SIGKILL
caarlos0 Jun 22, 2026
f608347
style(sandbox): condense kill-path comments to shrink the diff
caarlos0 Jun 22, 2026
db034e9
chore: simplify
caarlos0 Jun 22, 2026
e6950d9
Merge upstream/main into mxc-crate
caarlos0 Jun 22, 2026
04b7336
refactor(mxc-sdk): rename the mxc crate to mxc-sdk
caarlos0 Jun 22, 2026
b7984fa
refactor(mxc-sdk): wrap build_request output in an opaque SandboxRequest
caarlos0 Jun 22, 2026
c94be2c
refactor(mxc-sdk): give build_request/spawn_sandbox crate-owned types
caarlos0 Jun 22, 2026
7d57544
feat(mxc-sdk): expose Seatbelt extra_mach_lookups / keychain_access o…
caarlos0 Jun 22, 2026
228df00
chore: make SandboxRequest derive Clone
caarlos0 Jun 23, 2026
d236651
chore: simplify
caarlos0 Jun 23, 2026
2406680
chore: rename method
caarlos0 Jun 23, 2026
d093cb7
refactor(policy): port the SDK PowerShell policy verbatim
caarlos0 Jun 23, 2026
a4ed00d
docs(lxc): drop the Seatbelt mention from the lxc backend doc
caarlos0 Jun 23, 2026
523b697
fix: review
caarlos0 Jun 23, 2026
019bb04
fix(sandbox): never signal a reaped child's pid/pgid from kill()
caarlos0 Jun 23, 2026
bcec12a
fix(policy): match Windows env var names case-insensitively
caarlos0 Jun 23, 2026
8421493
docs(sandbox): correct kill() contract to immediate SIGKILL
caarlos0 Jun 23, 2026
2aab271
docs(mxc-sdk): describe Windows backend selection, not a fallback
caarlos0 Jun 23, 2026
fe7dd08
fix(policy): mirror the SDK and accept host rules on macOS Seatbelt
caarlos0 Jun 23, 2026
2a2edb0
docs(policy): correct allowedHosts/blockedHosts allowOutbound require…
caarlos0 Jun 23, 2026
c81751c
docs(mxc-sdk): document set_script's SDK-equivalent command semantics
caarlos0 Jun 23, 2026
e83cef0
perf(sandbox): back off the Unix wait poll instead of a fixed 50ms tick
caarlos0 Jun 23, 2026
80f2b58
test(mxc-sdk): cover try_wait-reap-then-kill and double-kill-before-wait
caarlos0 Jun 23, 2026
5c0752c
feat(mxc-sdk)!: return a typed WaitOutcome from Sandbox::wait
caarlos0 Jun 23, 2026
526b16d
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 24, 2026
8448fd3
feat(mxc-sdk): add Sandbox::wait_with_output to drain both streams sa…
caarlos0 Jun 24, 2026
eb9fa56
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 24, 2026
85731bb
test(mxc-sdk): cover dispatch guard branches for unsupported containm…
caarlos0 Jun 24, 2026
a607df8
feat(mxc-sdk): take structured (key, value) pairs in SandboxRequest::…
caarlos0 Jun 24, 2026
b925434
fix(wxc_common): set FD_CLOEXEC on the interruptible-reader wake pipe
caarlos0 Jun 24, 2026
fd9ac81
fix(wxc_common): propagate non-benign group_kill signal errors
caarlos0 Jun 24, 2026
d94a83f
test(mxc-sdk): move the Windows streaming test out of the macOS-gated…
caarlos0 Jun 24, 2026
064a95f
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 24, 2026
ca7d6f6
Merge remote-tracking branch 'upstream/main' into mxc-crate
caarlos0 Jun 24, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view

These merge commits were added into this branch cleanly.

There are no new changes to show.