Released this week: v0.4.0 · v0.4.1 · v0.4.2 · v0.4.3

New features

Redesigned TypeScript SDK

Builder API matching the Rust SDK, with await using, typed errors, async iterables, and bundled native binaries (no postinstall download).
await using sandbox = await Sandbox.builder("my-sandbox")
  .image("alpine:latest")
  .cpus(2)
  .create();
See the TypeScript SDK reference.

Redesigned network policy

--network-policy is gone. Rules now carry their own direction, action, target, protocol, and ports through a single grammar: <action>[:<direction>]@<target>[:<proto>[:<ports>]].
msb run alpine --name agent \
  --net-default-egress deny \
  --net-rule "allow@public,allow@host" \
  --net-rule "deny@private:tcp:445"
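
The rule grammar above, as an added example that is not microsandbox code: a structural parser in TypeScript applied to the rule strings from the msb run command. It assumes fields never contain `:`, `@` or `,`, and it does not check which actions, directions, targets or protocols msb accepts; the names `NetRule`, `parseRule` and `parseNetRuleFlag` are hypothetical.

```typescript
// Added example, not microsandbox code: checks rule shape only.
interface NetRule {
  action: string;
  direction: string | undefined;
  target: string;
  proto: string | undefined;
  ports: string | undefined;
}

// <action>[:<direction>]@<target>[:<proto>[:<ports>]]
// Assumption: no field contains ':', '@' or ','.
const FIELD = "([^:@,]+)";
const RULE = new RegExp(`^${FIELD}(?::${FIELD})?@${FIELD}(?::${FIELD}(?::${FIELD})?)?$`);

function parseRule(text: string): NetRule {
  const m = RULE.exec(text.trim());
  if (m === null) {
    throw new Error(`not <action>[:<direction>]@<target>[:<proto>[:<ports>]]: ${JSON.stringify(text)}`);
  }
  const [, action, direction, target, proto, ports] = m;
  return { action: action as string, direction, target: target as string, proto, ports };
}

// Assumption drawn from "allow@public,allow@host": commas separate rules in one value.
function parseNetRuleFlag(value: string): NetRule[] {
  return value.split(",").map(parseRule);
}

// Rule strings copied from the msb run command above.
const parsed: NetRule[] = [];
for (const value of ["allow@public,allow@host", "deny@private:tcp:445"]) {
  parsed.push(...parseNetRuleFlag(value));
}
for (const r of parsed) {
  console.log(JSON.stringify(r)); // omitted optional fields are dropped from the output
}
```

A string that lacks the `@` separator or leaves a field empty is rejected with an error, which makes the parser usable as a pre-flight check on rule strings kept in scripts or CI configuration.
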
See the networking overview.

Other features
  • Disk-image volume mounts. Attach qcow2, raw, or vmdk images as virtio-blk devices at any guest path; readonly is now consistent across volume types. See Sandbox volumes.
  • Inline --script flag. Register scripts on the command line with --script NAME=BODY; the file form is now --script-path NAME:PATH. See the CLI reference.
  • msb alias. Installs from npm, pip, and cargo now put both microsandbox and msb on PATH.
  • host.microsandbox.internal. Sandboxes can reach the host through this well-known DNS name.
  • Trust host CAs (opt-in). Sandboxes can trust the host’s CA bundle for internal TLS endpoints. See Networking TLS.
  • DNS interception over TCP/53 and DoT/853. Closes gaps where apps bypassed policy by switching transports. See Networking DNS.
  • Custom TLS certs and insecure registries for self-hosted image registries. See the images overview.
  • Per-sandbox libkrunfw override for SDK callers developing against unreleased firmware.
  • Installer rejects unsupported glibc up front, instead of producing confusing runtime errors.

Bug fixes

  • Domain and suffix= rules now enforce consistently across DNS, SNI, and policy layers.
  • The Node/TypeScript SDK supports the same secret injection options as the Rust SDK.
  • macOS reads system nameservers via SCDynamicStore, matching what the OS actually uses.
  • The npm platform package ships libkrunfw under its canonical name, fixing load failures on some Linux distros.