feat(sandbox): pluggable SandboxBackend + Alibaba OpenSandbox adapter (#516)#645
feat(sandbox): pluggable SandboxBackend + Alibaba OpenSandbox adapter (#516)#645merchloubna70-dot wants to merge 5 commits into
Conversation
All system prompts were English-only, causing DeepSeek V4 to reason and respond in English even when users wrote in Chinese or other languages. Add a Language Mirror section to base.md and base.txt that instructs the model to detect the user's primary language and use it for both reasoning (thinking tokens) and the final reply.
base.txt is not referenced via include_str! in prompts.rs. Only base.md is loaded (BASE_PROMPT). Remove the redundant change to base.txt as noted by Gemini Code Assist review.
…dapter (Hmbown#516) Adds a pluggable sandbox layer to exec_shell, with Alibaba OpenSandbox as the first opt-in backend. No sandbox by default — existing behavior unchanged. New files: crates/tui/src/sandbox/mod.rs — SandboxBackend trait + factory crates/tui/src/sandbox/backend.rs — SandboxOutput, SandboxKind crates/tui/src/sandbox/opensandbox.rs — HTTP adapter for OpenSandbox REST API Config additions (~/.deepseek/config.toml): sandbox_backend = "opensandbox" # or "none" (default) sandbox_url = "http://localhost:8080" sandbox_api_key = "..." # optional Implemented using `deepseek exec --model deepseek-v4-pro`. 🐋
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
One more suggestion: consider enabling GitHub Discussions for this repo (Settings → Features → Discussions). DeepSeek-TUI has a large Chinese user base (most of the issues filed today are in Chinese), and Discussions is where that community naturally organizes — Q&A, show-and-tell, feature ideas that aren't quite ready to be issues. It also keeps issues cleaner by giving users a place to ask "how do I..." without opening a bug report. Takes 10 seconds to enable and costs nothing. wangfengcsu@qq.com 🐋 |
Review notes from v0.8.12 integrationReviewed the sandbox backend infrastructure as part of merging into v0.8.12. Two findings:
|
v0.8.12 fix appliedTwo issues from the review have been resolved on the
Commits:
|
The SandboxBackend trait, OpenSandboxBackend, and create_backend() factory were all dead code — no production code path called create_backend(). Wire it into Engine::new so the configured backend is initialized at startup, and expose it to shell tools via build_tool_context → with_sandbox_backend(). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Fixed — added |
47 fmt drifts had accumulated from the squash-merged community PRs on this branch (#653, #654, #655, #645, #658, #668, #659, #661, #660, #667, #656). Pure formatting — no behavioural changes — applied via `cargo fmt --all` to satisfy CI's `cargo fmt --all -- --check` gate. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…own#516) timeout_secs was stored as a struct field but only needed during construction to configure the reqwest client. Remove the field. SandboxKind::as_str() is a utility method with no callers yet; annotate with #[allow(dead_code)] rather than deleting it. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…g docstring Hmbown#651: fix test assertion — section_bg now Color::Reset (was DEEPSEEK_INK) Hmbown#645: replace expect() with Result in OpenSandboxBackend::new() Hmbown#653: correct resolve_prefixes docstring to describe deny-always-wins
…mbown#645) The sandbox backend infrastructure was complete but the engine never called create_backend(), leaving the feature dead. Now: - Engine::new() creates the backend from api_config (non-fatal on error) - build_tool_context() attaches it to the ToolContext - exec_shell checks context.sandbox_backend and routes accordingly
…g docstring Hmbown#651: fix test assertion — section_bg now Color::Reset (was DEEPSEEK_INK) Hmbown#645: replace expect() with Result in OpenSandboxBackend::new() Hmbown#653: correct resolve_prefixes docstring to describe deny-always-wins
…mbown#645) The sandbox backend infrastructure was complete but the engine never called create_backend(), leaving the feature dead. Now: - Engine::new() creates the backend from api_config (non-fatal on error) - build_tool_context() attaches it to the ToolContext - exec_shell checks context.sandbox_backend and routes accordingly
47 fmt drifts had accumulated from the squash-merged community PRs on this branch (Hmbown#653, Hmbown#654, Hmbown#655, Hmbown#645, Hmbown#658, Hmbown#668, Hmbown#659, Hmbown#661, Hmbown#660, Hmbown#667, Hmbown#656). Pure formatting — no behavioural changes — applied via `cargo fmt --all` to satisfy CI's `cargo fmt --all -- --check` gate. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
This PR was opened before the v0.8.41 rebrand and is now stale. Feel free to rebase onto current |
What this does
Adds a pluggable sandbox backend layer to
exec_shell, making #516 (Firecracker microVM) an implementation detail rather than a hard dependency.Architecture
The
SandboxBackendtrait is minimal — any future backend (Firecracker, Tencent Cube, E2B, Docker) just implementsasync fn exec(cmd, env) -> Result<SandboxOutput>.Why OpenSandbox first?
Instead of building Firecracker from scratch, this PR integrates Alibaba OpenSandbox (10.4k stars, Apache-2.0, Docker Compose deploy, active development). It's the most mature open-source sandbox in the Chinese AI ecosystem and works on Linux + macOS via Docker — no KVM required.
Upgrade path: once Tencent CubeSandbox (microVM, E2B-compatible) stabilises past v0.1, adding it is a 50-line trait impl.
No sandbox overhead for users who don't opt in —
sandbox_backenddefaults to"none".Implemented using
deepseek exec --model deepseek-v4-pro. 🐋