Preparing for v1.2.0 release

Author: maoueh

CHANGELOG.md

@@ -4,6 +4,34 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## v1.2.0
+
+### Added
+
+- Named volume persistence for container backend (`sbox-claude-<hash>`) to persist `.claude` folder across sessions
+- Claude state caching for sandbox backend
+  - Entire `.claude` folder is synced to `.sbox/claude-cache/` on `sbox stop`
+  - Cache is restored on sandbox creation, preserving auth across recreations
+  - Automatically saves cache before `sbox run --recreate`
+  - Uses `rsync` for efficient synchronization
+  - Preserves: credentials, settings, projects, plugins, agents, shell-snapshots, todos, etc.
+- Platform-aware Docker socket mounting for container backend
+  - macOS: Checks `~/.docker/run/docker.sock` first, then `/var/run/docker.sock`
+  - Linux: Uses `/var/run/docker.sock`
+  - `SBOX_DOCKER_SOCKET` environment variable for explicit path override
+- `sbox info` now shows both create and run commands for sandbox backend
+- `javascript` profile for JavaScript/TypeScript development (installs pnpm and yarn)
+- Backend-specific context instructions embedded in CLAUDE.md/AGENTS.md hierarchy
+  - **Sandbox backend**: Documents MicroVM environment, native Docker access, persistence behavior
+  - **Container backend**: Documents Docker socket requirements, sudo usage, volume mount caveats
+  - Both include instructions for Docker, Docker Compose, and Testcontainers usage
+
+### Changed
+
+- Refactored CLI commands to use shared `WorkspaceContext` for config loading
+- Added `Capitalize()` method to `BackendType` for consistent display formatting
+- Added `SaveCache()` and `Cleanup()` methods to `Backend` interface for proper encapsulation
+
 ## v1.1.0
 
 ### Added
@@ -29,6 +57,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
   - Linux: Uses `/var/run/docker.sock`
   - `SBOX_DOCKER_SOCKET` environment variable for explicit path override
 - `sbox info` now shows both create and run commands for sandbox backend
+- `javascript` profile for JavaScript/TypeScript development (installs pnpm and yarn)
+- Backend-specific context instructions embedded in CLAUDE.md/AGENTS.md hierarchy
+  - **Sandbox backend**: Documents MicroVM environment, native Docker access, persistence behavior
+  - **Container backend**: Documents Docker socket requirements, sudo usage, volume mount caveats
+  - Both include instructions for Docker, Docker Compose, and Testcontainers usage
 
 ### Changed
 

backend_container.go

@@ -70,7 +70,7 @@ func (b *ContainerBackend) Run(opts BackendOptions) error {
 	if opts.SboxFile != nil && opts.SboxFile.Config != nil {
 		sboxFileEnvs = opts.SboxFile.Config.Envs
 	}
-	if err := PrepareSboxDirectory(absPath, opts.Config, opts.Config.Envs, opts.ProjectConfig.Envs, sboxFileEnvs); err != nil {
+	if err := PrepareSboxDirectory(absPath, opts.Config, opts.Config.Envs, opts.ProjectConfig.Envs, sboxFileEnvs, BackendContainer); err != nil {
 		return fmt.Errorf("failed to prepare .sbox directory: %w", err)
 	}
 

backend_sandbox.go

@@ -53,7 +53,7 @@ func (b *SandboxBackend) Run(opts BackendOptions) error {
 	if opts.SboxFile != nil && opts.SboxFile.Config != nil {
 		sboxFileEnvs = opts.SboxFile.Config.Envs
 	}
-	if err := PrepareSboxDirectory(opts.WorkspaceDir, opts.Config, opts.Config.Envs, opts.ProjectConfig.Envs, sboxFileEnvs); err != nil {
+	if err := PrepareSboxDirectory(opts.WorkspaceDir, opts.Config, opts.Config.Envs, opts.ProjectConfig.Envs, sboxFileEnvs, BackendSandbox); err != nil {
 		return fmt.Errorf("failed to prepare .sbox directory: %w", err)
 	}
 

cmd/sbox/stop.go

@@ -81,7 +81,12 @@ func stopE(cmd *cobra.Command, args []string) error {
 	}
 
 	if info != nil {
-		cmd.Printf("%s stopped: %s (%s)\n", ctx.BackendType.Capitalize(), info.Name, info.ID[:12])
+		// For sandbox backend, ID and Name are the same, so don't show redundant ID
+		if info.ID != info.Name {
+			cmd.Printf("%s stopped: %s (%s)\n", ctx.BackendType.Capitalize(), info.Name, info.ID[:12])
+		} else {
+			cmd.Printf("%s stopped: %s\n", ctx.BackendType.Capitalize(), info.Name)
+		}
 		if removeSandbox {
 			cmd.Printf("%s removed: %s\n", ctx.BackendType.Capitalize(), info.Name)
 		}

embed.go

@@ -0,0 +1,27 @@
+package sbox
+
+import (
+	_ "embed"
+)
+
+// SandboxBackendContextMD contains instructions for Claude about the Docker Sandbox (MicroVM) environment.
+//
+//go:embed embedded/sandbox_backend.md
+var SandboxBackendContextMD string
+
+// ContainerBackendContextMD contains instructions for Claude about the Docker Container environment.
+//
+//go:embed embedded/container_backend.md
+var ContainerBackendContextMD string
+
+// GetBackendContextMD returns the appropriate context markdown for the given backend type.
+func GetBackendContextMD(backend BackendType) string {
+	switch backend {
+	case BackendContainer:
+		return ContainerBackendContextMD
+	case BackendSandbox:
+		return SandboxBackendContextMD
+	default:
+		return SandboxBackendContextMD
+	}
+}

embedded/container_backend.md

@@ -0,0 +1,188 @@
+# Sandbox Environment Context (Docker Container Backend)
+
+You are running inside an **sbox sandbox** using the **Docker Container** backend - a standard Docker container environment for Claude Code.
+
+## Environment Overview
+
+The Container backend runs your session inside a regular Docker container. This mode offers compatibility with all Docker environments and uses named volumes for persistence.
+
+### User & Paths
+
+- **User**: `agent` (non-root with sudo access)
+- **Home directory**: `/home/agent`
+- **Claude config**: `/home/agent/.claude` (persisted via named volume)
+- **Workspace**: Mounted at the same path as on the host (check `$PWD` or `$WORKSPACE_DIR`)
+
+### Pre-installed Tools
+
+- **Git**: Version control
+- **Node.js & npm**: JavaScript runtime
+- **rsync**: File synchronization
+- **curl, wget**: HTTP clients
+- **jq**: JSON processor
+- **sudo**: Elevated privileges when needed
+
+Additional tools may be available depending on configured profiles.
+
+## Freedom & Limitations
+
+### What You Can Do
+
+- Full read/write access to the workspace directory
+- Install packages with `sudo apt-get install`
+- Run any command as root with `sudo`
+- Access the internet (subject to firewall rules)
+- Run Docker commands (if `--docker-socket` was enabled)
+
+### Limitations
+
+- **Installed packages are ephemeral**: Lost when container is recreated
+- **Docker access requires explicit flag**: Must use `sbox run --docker-socket`
+- **Network restrictions**: Some external services may be blocked by firewall
+- **Docker socket permissions**: Requires `sudo` for Docker commands
+
+## Persistence
+
+| What | Persists Across Restarts | Persists Across Recreate |
+|------|-------------------------|-------------------------|
+| Workspace files | Yes | Yes |
+| Claude state (`~/.claude`) | Yes (named volume) | Yes (named volume) |
+| Installed apt packages | Yes | No |
+| Files outside workspace | Yes | No |
+
+To persist environment variables:
+```bash
+echo 'export MY_VAR=value' >> /etc/profile.d/sbox-env.sh
+# Use login shell to load: bash -l -c "command"
+```
+
+## Docker Usage
+
+Docker access requires the `--docker-socket` flag when starting the sandbox. The Docker socket from the host is mounted into the container.
+
+**Important**: Docker commands require `sudo` because the mounted socket has root permissions.
+
+### Checking Docker Access
+
+```bash
+# Verify Docker is available
+sudo docker info
+
+# If you see "permission denied", Docker socket was not mounted
+# Ask the user to restart with: sbox run --docker-socket
+```
+
+### Running Docker Containers
+
+```bash
+# Always use sudo for Docker commands
+sudo docker run hello-world
+
+# Run a container with port mapping
+sudo docker run -d -p 8080:80 nginx
+
+# Access the container (localhost works because of host network)
+curl http://localhost:8080
+```
+
+### Docker Compose
+
+```bash
+# Docker Compose is available as a plugin
+sudo docker compose up -d
+sudo docker compose logs -f
+sudo docker compose down
+```
+
+### Testcontainers
+
+Testcontainers require the Docker socket to be mounted. Configure testcontainers to use sudo or set up Docker group permissions:
+
+**Option 1: Configure DOCKER_HOST (if socket is accessible)**
+```bash
+export DOCKER_HOST=unix:///var/run/docker.sock
+```
+
+**Option 2: Use testcontainers with root privileges**
+
+For languages that spawn Docker commands, you may need to run tests as root:
+```bash
+sudo -E go test ./...  # -E preserves environment
+sudo -E npm test
+```
+
+**Java example:**
+```java
+// May need to run with sudo or configure Docker socket permissions
+@Container
+PostgreSQLContainer<?> postgres = new PostgreSQLContainer<>("postgres:15");
+```
+
+**Go example:**
+```go
+// Run test with: sudo -E go test ./...
+container, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
+    ContainerRequest: testcontainers.ContainerRequest{
+        Image:        "postgres:15",
+        ExposedPorts: []string{"5432/tcp"},
+    },
+    Started: true,
+})
+```
+
+**Node.js example:**
+```javascript
+// Run test with: sudo -E npm test
+const container = await new GenericContainer("postgres:15")
+    .withExposedPorts(5432)
+    .start();
+```
+
+### Volume Mounts - Important!
+
+When mounting volumes from Docker containers, you must use **host paths**, not container paths. The Docker daemon runs on the host, not inside this container.
+
+```bash
+# WRONG - uses container path (won't work)
+sudo docker run -v $(pwd):/app alpine ls /app
+
+# CORRECT - the workspace is mounted at the same path, so this works
+# because $(pwd) returns the same path as on the host
+sudo docker run -v ${WORKSPACE_DIR}:/app alpine ls /app
+```
+
+If you need to mount paths outside the workspace, you'll need to know the host path.
+
+## Common Patterns
+
+### Installing packages (ephemeral)
+```bash
+sudo apt-get update && sudo apt-get install -y <package>
+```
+
+### Running as root
+```bash
+sudo <command>
+# Or for a root shell:
+sudo -i
+```
+
+### Checking if Docker socket is available
+```bash
+if [ -S /var/run/docker.sock ]; then
+    echo "Docker socket is mounted"
+    sudo docker ps
+else
+    echo "Docker socket not available - restart with: sbox run --docker-socket"
+fi
+```
+
+### Setting up Docker group (alternative to sudo)
+```bash
+# Add agent to docker group (if it exists)
+sudo usermod -aG docker agent
+# Then start a new shell to pick up the group
+newgrp docker
+# Now docker commands work without sudo
+docker ps
+```