summaryrefslogtreecommitdiff
path: root/packages/cli/src
diff options
context:
space:
mode:
Diffstat (limited to 'packages/cli/src')
-rw-r--r--packages/cli/src/utils/sandbox-macos-permissive-proxied.sb2
-rw-r--r--packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb2
-rw-r--r--packages/cli/src/utils/sandbox.ts6
3 files changed, 6 insertions, 4 deletions
diff --git a/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb b/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb
index 861e503d..842fb6a4 100644
--- a/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb
+++ b/packages/cli/src/utils/sandbox-macos-permissive-proxied.sb
@@ -24,7 +24,7 @@
;; deny all outbound network traffic EXCEPT through proxy on localhost:8877
;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox
-;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js)
+;; proxy must listen on :::8877 (see scripts/example-proxy.js)
(deny network-outbound)
(allow network-outbound (remote tcp "localhost:8877"))
diff --git a/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb b/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb
index cc4c1e5e..826055e5 100644
--- a/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb
+++ b/packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb
@@ -88,5 +88,5 @@
;; allow outbound network traffic through proxy on localhost:8877
;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox
-;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js)
+;; proxy must listen on :::8877 (see scripts/example-proxy.js)
(allow network-outbound (remote tcp "localhost:8877"))
diff --git a/packages/cli/src/utils/sandbox.ts b/packages/cli/src/utils/sandbox.ts
index d47c44b5..0cb1eb54 100644
--- a/packages/cli/src/utils/sandbox.ts
+++ b/packages/cli/src/utils/sandbox.ts
@@ -339,7 +339,7 @@ export async function start_sandbox(sandbox: string) {
});
console.log('waiting for proxy to start ...');
await execAsync(
- `until curl -s http://localhost:8877; do sleep 0.25; done`,
+ `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`,
);
}
// spawn child and let it inherit stdio
@@ -661,7 +661,9 @@ export async function start_sandbox(sandbox: string) {
process.exit(1);
});
console.log('waiting for proxy to start ...');
- await execAsync(`until curl -s http://localhost:8877; do sleep 0.25; done`);
+ await execAsync(
+ `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`,
+ );
// connect proxy container to sandbox network
// (workaround for older versions of docker that don't support multiple --network args)
await execAsync(
generated by cgit v1.2.3 (git 2.51.0) at 2025-11-05 23:58:20 +0000