32bdbe77ff
提供统一沙箱运行时,支持 local/sandbox 两种模式切换。Rust 层负责命令和代码的策略过滤, Docker 层负责实际的进程隔离。包含三种预设策略:agent_exec / tool_run / untrusted。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
28 lines
744 B
TOML
28 lines
744 B
TOML
[package]
|
|
name = "stardomain"
|
|
version = "0.1.0"
|
|
authors = ["zhaoxi826"]
|
|
description = "Sandbox runtime for KiloStar — Docker-based isolation with Rust filtering layer."
|
|
license = "Apache-2.0"
|
|
edition = "2024"
|
|
|
|
[lib]
|
|
name = "stardomain"
|
|
crate-type = ["cdylib", "rlib"]
|
|
|
|
[[bin]]
|
|
name = "stardomain"
|
|
path = "src/main.rs"
|
|
|
|
[dependencies]
|
|
pyo3 = { version = "0.28", features = ["extension-module"] }
|
|
pyo3-async-runtimes = { version = "0.28", features = ["tokio-runtime"] }
|
|
tokio = { version = "1", features = ["rt", "rt-multi-thread", "macros", "process", "time"] }
|
|
bollard = "0.18"
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
serde_yaml = "0.9"
|
|
anyhow = "1.0"
|
|
regex = "1"
|
|
clap = { version = "4", features = ["derive"] }
|