| 164 | |
| 165 | /** The uniform runtime surface a sandbox exposes. */ |
| 166 | export interface SandboxHandle { |
| 167 | /** Provider-assigned id used to reconnect to this sandbox. */ |
| 168 | readonly id: string |
| 169 | /** Provider name (e.g. "docker", "cloudflare", "local-process"). */ |
| 170 | readonly provider: string |
| 171 | /** |
| 172 | * Real filesystem path backing the virtual workspace root (`/workspace`). |
| 173 | * Harness CLIs and ACP `newSession` interpret cwd literally — use |
| 174 | * {@link resolveHarnessCwd} rather than the virtual path when the provider |
| 175 | * maps `/workspace` elsewhere (Daytona, Vercel, local-process). |
| 176 | */ |
| 177 | readonly workspaceRoot?: string |
| 178 | /** What this sandbox can do. */ |
| 179 | readonly capabilities: SandboxCapabilities |
| 180 | readonly fs: SandboxFs |
| 181 | readonly git: SandboxGit |
| 182 | readonly process: SandboxProcess |
| 183 | readonly ports: SandboxPorts |
| 184 | readonly env: SandboxEnv |
| 185 | /** Capability-gated: throws UnsupportedCapabilityError if `capabilities.snapshots` is false. */ |
| 186 | snapshot?: (label?: string) => Promise<SnapshotRef> |
| 187 | /** Capability-gated: throws UnsupportedCapabilityError if `capabilities.fork` is false. */ |
| 188 | fork?: () => Promise<SandboxHandle> |
| 189 | destroy: () => Promise<void> |
| 190 | } |
| 191 | |
| 192 | /** Input passed to {@link SandboxProvider.create}. */ |
| 193 | export interface SandboxCreateInput { |
nothing calls this directly
no outgoing calls
no test coverage detected