Christopher Mühl
c5e8cca867
- Replace --bind ~/.claudebox + --symlink with direct --bind ~/.claude ~/.claude - Add compute_canonical_root() function using git rev-parse --git-common-dir - Add per-project INSTANCE_DIR via sha256sum[:16] of canonical git root - Overlay projects/ with per-project hash dir for isolated conversation history - Overlay history.jsonl and SANDBOX.md as file-level bind mounts - Update credential mount target from ~/.claudebox to ~/.claude - Add CLAUDE_JSON_FILE (~/.claude.json) detection and conditional bind mount - Remove stale CLAUDE.md injection logic (D-06: user's real CLAUDE.md used) - Update dry-run block and print_audit to reflect new mount layout - Update SANDBOX.md heredoc to remove ~/.claudebox reference
73 lines
2.7 KiB
Markdown
73 lines
2.7 KiB
Markdown
# Phase 1: Minimal Viable Sandbox - Discussion Log
|
|
|
|
> **Audit trail only.** Do not use as input to planning, research, or execution agents.
|
|
> Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.
|
|
|
|
**Date:** 2026-04-09
|
|
**Phase:** 01-minimal-viable-sandbox
|
|
**Areas discussed:** Argument passthrough, nix-index database, Env edge cases, Git identity
|
|
|
|
---
|
|
|
|
## Argument Passthrough
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Forward all unknown | claudebox claims --yes, --dry-run, --check; everything else passes through to claude | ✓ |
|
|
| Explicit -- separator | claudebox args before --, claude args after -- | |
|
|
| Pass everything through | claudebox has no flags, controlled via env vars | |
|
|
|
|
**User's choice:** Forward all unknown
|
|
**Notes:** No -- separator needed. Simple and intuitive.
|
|
|
|
---
|
|
|
|
## nix-index Database
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| comma-with-db | Use nix-community/nix-index-database flake, bundles the DB | ✓ |
|
|
| Mount host ~/.cache/nix-index | Bind-mount host's nix-index DB read-only | |
|
|
| Both — prefer host, fallback to bundled | Mount host DB if exists, otherwise comma-with-db | |
|
|
|
|
**User's choice:** comma-with-db
|
|
**Notes:** Self-contained, no host dependency.
|
|
|
|
---
|
|
|
|
## Env Edge Cases
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Strict allowlist | Only SAND-03 vars, rebuild to add more | |
|
|
| Allowlist + CLAUDEBOX_EXTRA_ENV | Core allowlist + user-specified extras via comma-separated env var | ✓ |
|
|
| Strict + computed vars | Allowlist from host + claudebox generates its own TMPDIR, COLORTERM, etc. | |
|
|
|
|
**User's choice:** Allowlist + CLAUDEBOX_EXTRA_ENV
|
|
**Notes:** Pragmatic escape hatch for power users, user takes responsibility for not leaking secrets.
|
|
|
|
---
|
|
|
|
## Git Identity
|
|
|
|
| Option | Description | Selected |
|
|
|--------|-------------|----------|
|
|
| Generate minimal .gitconfig | Create sandbox-only .gitconfig with user.name, user.email, safe.directory | ✓ |
|
|
| Mount host .gitconfig read-only | Bind-mount host config, carries over everything including broken credential helpers | |
|
|
| Mount + override dangerous keys | Mount host config but neutralize credential.helper and core.pager via env vars | |
|
|
|
|
**User's choice:** Generate minimal .gitconfig
|
|
**Notes:** User asked whether custom git settings matter for Claude. Conclusion: Claude uses git programmatically, doesn't need aliases/pagers/merge tools. Mounting host config risks breakage from credential helpers and pagers referencing binaries not in sandbox PATH.
|
|
|
|
---
|
|
|
|
## Claude's Discretion
|
|
|
|
- Mount ordering, tmpfs layout, /dev /proc /tmp setup
|
|
- --clearenv + --setenv sequencing
|
|
- DNS resolution mount strategy
|
|
- SSL cert bundle path detection
|
|
|
|
## Deferred Ideas
|
|
|
|
None
|