b2ece43a03
docs: complete v2.0 project research
2026-04-10 08:45:25 +00:00
3dfcb40e31
docs: start milestone v2.0 Network Isolation & Profiles
2026-04-10 08:30:13 +00:00
ee686a36eb
chore: complete v1.0 MVP milestone
...
Archive milestone artifacts, evolve PROJECT.md, reorganize ROADMAP.md,
write retrospective. Requirements archived to milestones/v1.0-REQUIREMENTS.md.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 08:05:53 +00:00
778216ead9
docs(quick-260410-d4u): on non-nixos hosts, bwrap fails because /etc/static does not exist
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 09:46:51 +02:00
97c10f8fd4
fix(260410-d4u): conditionally mount /etc/static only on NixOS
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 09:29:11 +02:00
1ccaf20eb4
docs: fix remote URL and add flake usage to README
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 22:04:41 +02:00
7430e9d64c
docs: add README
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 22:03:20 +02:00
e4d47b997b
docs: plant seed — mount real ~/.claude instead of separate ~/.claudebox
2026-04-09 21:52:27 +02:00
e43d33602d
fix: symlink ~/.claude to ~/.claudebox instead of renaming mount
...
Both paths now resolve inside the sandbox, so hook paths
and settings referencing ~/.claude work without fixups.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 21:44:54 +02:00
d4cfa7a537
docs(phase-03): evolve PROJECT.md after phase completion
2026-04-09 21:24:47 +02:00
f5b77428a5
docs(phase-03): complete phase execution
2026-04-09 21:24:22 +02:00
9a7fba2219
docs(03): add code review report
2026-04-09 21:21:53 +02:00
a36956236a
chore: merge executor worktree (worktree-agent-a9a8ae0c)
2026-04-09 21:19:46 +02:00
7864f5d00d
docs(03-01): complete sandbox-aware prompting plan
2026-04-09 21:19:28 +02:00
27d9db44a0
feat(03-01): add SANDBOX.md generation and CLAUDE.md import check
2026-04-09 21:18:10 +02:00
2f737d1f3a
docs(03): create phase plan
2026-04-09 21:13:18 +02:00
351dcc5c8b
docs(03): research sandbox-aware prompting
2026-04-09 21:05:52 +02:00
2ee1588408
docs(state): record phase 3 context session
2026-04-09 20:59:46 +02:00
8e900862f9
docs(03): capture phase context
2026-04-09 20:59:38 +02:00
a15d4b11d8
docs: plant seed — Go rewrite of claudebox.sh
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 17:47:08 +02:00
8555fd5c83
docs: plant seed — eBPF network session logging
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 17:44:44 +02:00
88dda3a777
docs(02): mark phase complete
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 17:43:28 +02:00
c83129953f
test(02): persist human verification items as UAT
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 17:28:18 +02:00
caabd59ae2
docs(02): add code review report
2026-04-09 17:25:30 +02:00
64cb190b5d
docs(02-02): complete env audit display plan
2026-04-09 17:22:39 +02:00
b035f82cc7
feat(02-02): add confirmation prompt with TTY detection
2026-04-09 17:21:37 +02:00
1c986d22b8
feat(02-02): add env audit display with masking and grouped sections
2026-04-09 17:20:58 +02:00
a0f42f89d5
docs(02-01): complete flag parsing and CLI modes plan
2026-04-09 17:13:18 +02:00
7001303436
feat(02-01): add --check mode for prerequisite verification
2026-04-09 17:13:18 +02:00
1eddd9336d
feat(02-01): add --dry-run mode that prints full bwrap command and exits
2026-04-09 17:13:17 +02:00
72ba48d004
feat(02-01): refactor flag parsing to while/shift with CLAUDE_ARGS accumulator
2026-04-09 17:13:17 +02:00
daf47bd094
docs(02): record planning completion in state
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 16:56:37 +02:00
0a4dba4c3c
docs(02): create phase plan
2026-04-09 16:34:14 +02:00
28798102d0
docs(02): research phase domain
2026-04-09 15:39:57 +02:00
0f4e26e8ae
docs(state): record phase 2 context session
2026-04-09 15:34:01 +02:00
bab3d8bc6d
docs(02): capture phase context
2026-04-09 15:33:52 +02:00
f19fd74bc3
docs: mark phase 1 complete
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 15:00:14 +02:00
613d015cc1
fix: SHELL path, PATH isolation, --shell flag, nix-claude-code input
...
- Resolve SHELL to nix store bash path (was /bin/bash which doesn't exist in sandbox)
- Inject clean SANDBOX_PATH via makeBinPath (was leaking entire host PATH)
- Add --shell flag to drop into sandboxed bash for manual verification
- Use nix-claude-code flake for claude-code binary instead of host PATH discovery
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 14:59:43 +02:00
dd6742abef
docs: plant seed — agent-agnostic sandbox support
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 13:03:55 +02:00
e385f414ca
docs(01-02): complete build verification plan
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 11:15:53 +02:00
9296453be3
fix(01-02): resolve claude and env paths through symlinks
...
readlink -f ensures CLAUDE_BIN and env point to real nix store
paths accessible inside the bwrap sandbox.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 11:14:50 +02:00
14642eb32e
docs(01-01): complete nix flake and sandbox script plan
2026-04-09 11:13:09 +02:00
26bdf368b5
chore(01-01): add flake.lock with pinned nixpkgs and nix-index-database
2026-04-09 11:11:55 +02:00
51dba047f3
feat(01-01): add claudebox.sh with bwrap sandbox, env allowlist, and secret hiding
2026-04-09 11:11:44 +02:00
0ed2d33117
feat(01-01): add flake.nix with writeShellApplication and all runtimeInputs
2026-04-09 11:11:11 +02:00
7b1220bdf1
docs(01): resolve open research questions
2026-04-09 11:05:02 +02:00
71790d714b
docs(01): create phase plan
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 11:02:11 +02:00
da29430168
docs(phase-1): research minimal viable sandbox
...
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-09 10:55:45 +02:00
6015593272
docs(state): record phase 1 context session
2026-04-09 10:46:48 +02:00
527ed51e6a
docs(01): capture phase context
2026-04-09 10:46:40 +02:00
