What's New
Features
- Added directory listing support through the new execd directory API. The SDK exposes depth-controlled traversal (
depthdefaults to 1 for immediate children) and aFileInfo.typefield (file,directory,symlink,other). Symlinks are reported as symlinks and are not recursively traversed, and/files/infonow reports symlinks as symlinks rather than resolving to the target type. #1001 - Added line-based file reads through
GET /files/downloadwithoffset(1-based line number) andlimit(line count) query parameters, enabling callers to read large text files by line range. Mutually exclusive with the existingRangeheader. #1030 - Added detailed replace-content feedback without breaking existing callers. The replace API now returns
ContentReplaceResult[]exposing per-filereplacedCount, so callers can detect no-match (0) and multi-match (>1) replacements. Callers not using the return value are unaffected. #991 - Added Credential Vault support to the JS/TS SDK surface, including models, egress adapter, sandbox creation, unit tests, and E2E coverage. #1023
- Added
runOnceandwithSessionisolation convenience helpers.sandbox.isolation.runOnce(code, workspace, opts?)wraps create → run → delete into a single call with guaranteed cleanup, andsandbox.isolation.withSession(req, fn)scopes a multi-run isolated workflow with auto-delete on exit. Both are declared on theIsolationServiceinterface; cleanup is best-effort so it never masks the original error. #1008 #1222 - Added an LRU + TTL endpoint cache with in-flight request deduplication. The SDK now caches
(sandbox_id, port, use_server_proxy) → Endpointto avoid repeated resolution round-trips. It is enabled by default (TTL 600s, max size 1024) and tunable viaConnectionConfig; killing a sandbox actively invalidates its cached entries. #1133 - Sandbox lifecycle responses now surface
extensions. The JS/TS SDK response models exposeopensandbox.extensions.*data returned by create/get/list so callers can read extension values round-tripped from the server. #1112 - Added the optional
resourceRequestsfield to sandbox creation. Kubernetes-backed sandboxes can now set resource requests separately from limits (enabling Burstable QoS). Omitting the field preserves the existing behavior where requests equal limits. #1074
Bug Fixes
- Background command log polling now accepts a successful empty
GET /command/{id}/logsresponse as an empty log chunk instead of throwingunexpected response shape, while still parsing the tail cursor header so callers can continue polling from the returned offset. #1013 - Clarified
deleteOnSandboxTerminationsemantics in the JS sandbox model: auto-created Kubernetes PVCs are now actually deleted on sandbox termination when opted in (previously the field was documented as Docker-only). Default remainsfalse(opt-in), so existing behavior is unchanged. #880
Security
- Patched transitive npm advisories as part of a cross-package Dependabot sweep, bumping
undicito 8.5.0 (TLS bypass, DoS, cache poisoning, proxy reuse) andjs-yamlto 5.2.0 (quadratic DoS) viapnpm.overrides. #1145
Misc
- Deprecated the
portsfield on credential vault binding matches (CredentialMatch.ports). Port is now derived from the scheme (https→ 443,http→ 80), matching what the intercept layer actually redirects; values other than 80 or 443 are rejected by the server. The field is retained for backward compatibility but should no longer be set. #1189 - Updated the JS SDK package manifest repository/issues metadata to the new
opensandbox-group/OpenSandboxorg so package pages point to the current repo (published package name unchanged). #1139 - Regenerated the lifecycle client after the server dropped its unused
PendingSandboxmechanism, and refreshed generated execd clients for the isolated replace-content surface. #1178 #1129 #1002 - Bumped the JS Sandbox SDK package version to
0.1.10and aligned the default User-Agent string with the released version. #1062 #1248