lywsvip/sandbox-runtime
1
0
Fork 0
mirror of https://github.com/anthropic-experimental/sandbox-runtime.git synced 2026-05-07 06:01:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
e94c5fd01d3c9fbfc4a0300ff3b63753fa01c21b
sandbox-runtime/package.json
Dylan Conway e94c5fd01d Run full test suite in CI and migrate platform skips to describe.if (#197) 
* Run full test suite in CI and migrate platform skips to describe.if

CI was running test:unit + test:integration, a curated subset of 5 files.
Most test files were never run in CI. Switch to `npm test` which runs
everything. Drop the test:unit/test:integration scripts.

Migrate the inline `if (skipIfNotLinux()) return` pattern to bun's native
`describe.if()`/`it.if()`. The old pattern made wrong-platform tests show
as pass (zero assertions, green checkmark) instead of skip — CI's test
count looked the same regardless of what actually ran. New
test/helpers/platform.ts exports isLinux/isMacOS/isSupportedPlatform.

Delete ~310 lines of unreachable tests from seccomp-filter.test.ts:
- skipIfNotAnt() gate checked USER_TYPE env var that nothing sets
- Two tests called wrapCommandWithSandboxLinux() with no restrictions,
  which returns the command unwrapped at the early-return check —
  expect("echo test").not.toContain("apply-seccomp") was vacuously true

Pin allow-read root-deny tests to /bin/bash — EXEC_DEPS doesn't list
/opt/homebrew, so execvp failed on Macs with homebrew bash as SHELL.

Add docker-tests CI job: unprivileged container on both arches,
exercises enableWeakerNestedSandbox end-to-end.

Drop push trigger from '**' to 'main' — PRs were running the full
matrix twice (once for branch push, once for the PR event).

* Replace mock.module with spyOn in linux-dependency-error tests

mock.module patches bun's module cache globally and never unmocks.
With npm test running all files in one process (instead of the old
test:unit + test:integration split), the mock leaked: every file that
imported getApplySeccompBinaryPath after this one got () => null, so
pid-namespace-isolation.test.ts and integration.test.ts failed in
beforeAll.

spyOn swaps one export binding; mockRestore in afterEach puts it back.
The callee's own import binding routes through the same slot in bun, so
checkLinuxDependencies sees the spy without any module-level surgery.

Also spies on whichSync directly rather than overwriting Bun.which on
globalThis — same fix, closer to what's actually being tested.

Drop stale README reference to the deleted test:integration script.

* Replace docker test-suite job with srt end-to-end test

The full suite assumes bwrap --proc /proc works; an unprivileged
container doesn't have CAP_SYS_ADMIN for that. Only tests that set
enableWeakerNestedSandbox can pass there.

Instead of filtering which unit tests to run, test the thing the job
is for: build srt, run it with enableWeakerNestedSandbox, check that
allowed writes land, denied writes don't, and the seccomp filter blocks
AF_UNIX. Gated on SRT_E2E_DOCKER so host jobs skip it.

* Rename docker job to match other Tests jobs

* Add required network key to docker test config

SandboxRuntimeConfigSchema requires network (no .optional()). Without it
loadConfig returns null, srt falls through to getDefaultConfig, and the
sandbox enforces a different allowWrite than the test expects.

* Add explicit timeouts to update-config sandboxed-curl tests

The three it.if(isLinux) tests each run two spawnSync calls with curl
--max-time 3 then --max-time 5. When example.com responds slowly both
curls run to their limits and the body takes ~8s, but bun's default
test timeout is 5000ms. bun aborts mid-body; afterEach runs reset()
against an in-flight spawn and the next test sees stale state.

These were never in test:integration so they never ran on CI before
this branch. On fast responses they complete in under 200ms.
2026-03-31 15:36:39 -07:00

87 lines
2.4 KiB
JSON
Raw Blame History

{
"name": "@anthropic-ai/sandbox-runtime",
"version": "0.0.46",
"description": "Anthropic Sandbox Runtime (ASRT) - A general-purpose tool for wrapping security boundaries around arbitrary processes",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
"bin": {
"srt": "dist/cli.js"
},
"engines": {
"node": ">=18.0.0"
},
"scripts": {
"build": "tsc",
"postbuild": "[ -d vendor ] && cp -r vendor dist/ || true",
"build:seccomp": "scripts/build-seccomp-binaries.sh",
"clean": "rm -rf dist",
"test": "bun test",
"typecheck": "tsc --noEmit",
"lint": "eslint 'src/**/*.ts' --fix --cache --cache-location=node_modules/.cache/.eslintcache",
"lint:check": "eslint 'src/**/*.ts' --cache --cache-location=node_modules/.cache/.eslintcache",
"format": "prettier --write 'src/**/*.ts' --cache --log-level warn",
"prepublishOnly": "npm run clean && npm run build",
"prepare": "husky"
},
"dependencies": {
"@pondwader/socks5-server": "^1.0.10",
"@types/lodash-es": "^4.17.12",
"commander": "^12.1.0",
"lodash-es": "^4.17.23",
"shell-quote": "^1.8.3",
"zod": "^3.24.1"
},
"devDependencies": {
"@eslint/js": "^9.14.0",
"@types/bun": "^1.3.2",
"@types/node": "^18",
"@types/shell-quote": "^1.7.5",
"eslint": "^9.14.0",
"eslint-config-prettier": "^8.10.0",
"eslint-import-resolver-typescript": "^3.6.3",
"eslint-plugin-import": "^2.31.0",
"eslint-plugin-n": "^17.16.2",
"eslint-plugin-prettier": "^5.1.3",
"globals": "^15.12.0",
"husky": "^9.1.7",
"lint-staged": "^16.2.6",
"prettier": "3.3.3",
"typescript": "^5.6.3",
"typescript-eslint": "^8.13.0"
},
"files": [
"dist",
"vendor",
"README.md",
"LICENSE"
],
"keywords": [
"sandbox",
"seatbelt",
"sandbox-exec",
"anthropic",
"claude",
"security",
"bubblewrap",
"network-filtering",
"filesystem-restrictions"
],
"author": "Anthropic PBC",
"license": "Apache-2.0",
"repository": {
"type": "git",
"url": "git+https://github.com/anthropic-experimental/sandbox-runtime.git"
},
"bugs": {
"url": "https://github.com/anthropic-experimental/sandbox-runtime/issues"
},
"homepage": "https://github.com/anthropic-experimental/sandbox-runtime#readme",
"lint-staged": {
"*.ts": [
"eslint --fix --cache --cache-location=node_modules/.cache/.eslintcache",
"prettier --write"
]
}
}
Reference in New Issue View Git Blame Copy Permalink