Skip to main content

Crate brokk_acp_sandbox

Crate brokk_acp_sandbox 

Source
Expand description

Pure-parsing logic for brokk-acp-rust, exported both as a Rust library (linked directly into the native binary) and – via the companion binary in src/bin/sandbox.rs – as a wasm32-wasip2 component that the native binary spawns under wasmtime for sandboxed parsing of untrusted inputs.

Everything here is dependency-light, has no fs/network/process access, and runs on every target Rust supports. The only inputs are owned strings or byte slices; the only outputs are Serialize data structures. Each function is a candidate for the wasm sandbox because the failure modes we care about are:

  • YAML bombs / billion-laughs against serde_yaml
  • Malformed frontmatter that triggers panics in third-party crates
  • Future regex/zip parsers that can blow CPU or memory

Adding a new parser to this crate is the standard path for getting “wasm-by-default with native fallback” coverage in brokk-acp-rust.

Re-exports§

pub use search::SearchError;
pub use search::SearchMatch;
pub use search::SearchOutcome;
pub use search::search as search_file_contents;
pub use skills::ParsedFrontmatter;
pub use skills::parse_frontmatter;
pub use skills::split_frontmatter;
pub use zip_reader::ZipReadError;
pub use zip_reader::list_entry_names as list_zip_entry_names;
pub use zip_reader::read_entries_with_prefix as read_zip_entries_with_prefix;
pub use zip_reader::read_entry_bytes as read_zip_entry_bytes;
pub use zip_reader::read_entry_text as read_zip_entry_text;

Modules§

search
searchFileContents implementation, shared between the native and wasm-sandboxed backends.
skills
Pure SKILL.md frontmatter parser. Ported verbatim from brokk-acp-rust/src/skills.rs so the same code can be exercised natively (linked as a library) or inside a wasm sandbox.
zip_reader
Minimal read-only ZIP parser, scoped to what session-zip readers need: locate a named entry, decompress it (deflate or stored), and return up to a configurable byte cap.

Constants§

WASM_BYTES
Bytes of the wasm32-wasip2 binary form of this crate. The host embeds these in wasmtime to run the same parsers inside a sandbox. Shipped as a committed artifact (see wasm/brokk-acp-sandbox.wasm) so consumers do not need the wasm toolchain to build against this crate.