agentkernel 0.18.1

[package]
name = "agentkernel"
version = "0.18.1"
edition = "2024"
description = "Run AI coding agents in secure, isolated microVMs"
authors = ["Paul Thrasher <thrashr888@gmail.com>"]
license = "MIT"
repository = "https://github.com/thrashr888/agentkernel"
keywords = ["ai", "agents", "sandbox", "firecracker", "microvm"]
categories = ["command-line-utilities", "development-tools"]
include = [
  "/src/**/*",
  "/guest-agent/**/*",
  "/claude-plugin/**/*",
  "/plugins/**/*",
  "/images/build/build-kernel.sh",
  "/images/kernel/microvm.config",
  "/templates/*.toml",
  "/Cargo.toml",
  "/Cargo.lock",
  "/LICENSE",
  "/README.md",
]

[features]
default = ["kubernetes", "nomad", "enterprise"]
hyperlight = ["dep:hyperlight-wasm"]
kubernetes = ["dep:kube", "dep:k8s-openapi", "dep:schemars", "dep:serde_yaml", "dep:futures"]
nomad = ["dep:reqwest"]
enterprise = ["dep:cedar-policy", "dep:ed25519-dalek", "dep:jsonwebtoken", "dep:reqwest"]

[dependencies]
anyhow = "1.0"
async-trait = "0.1"
base64 = "0.22"
bytes = "1.0"
clap = { version = "4.0", features = ["derive"] }
clap_complete = "4.0"
hyper = { version = "1.5", features = ["client", "http1", "server"] }
hyper-util = { version = "0.1", features = ["client-legacy", "tokio"] }
http-body-util = "0.1"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
tokio = { version = "1.0", features = ["full", "process", "net"] }
toml = "0.8"
uuid = { version = "1.0", features = ["v4", "v7"] }
chrono = { version = "0.4", features = ["serde"] }
redis = "0.27"
rusqlite = { version = "0.33", features = ["bundled"] }
tokio-postgres = { version = "0.7", features = ["with-serde_json-1"] }
mysql_async = { version = "0.36", default-features = false, features = ["default-rustls"] }
sha2 = "0.10"
prometheus = { version = "0.13", default-features = false }
wat = "1.225"  # WAT to WASM compiler for WebAssembly text format support
tempfile = "3.0"  # Temporary directories for rootfs conversion
dirs = "6.0.0"
sysinfo = "0.34"
urlencoding = "2"
tokio-stream = "0.1"

# SSH support (CA key generation and client key signing)
ssh-key = { version = "0.6", features = ["ed25519", "rand_core"] }
rand = "0.8"
ring = "0.17"
hex = "0.4"

# OpenTelemetry trace export
opentelemetry = "0.28"
opentelemetry_sdk = { version = "0.28", features = ["rt-tokio"] }
opentelemetry-otlp = { version = "0.28", features = ["http-proto", "reqwest-client"] }

# TLS support for HTTP API
rustls = { version = "0.23", features = ["ring"] }
rustls-pemfile = "2"
tokio-rustls = "0.26"
rcgen = "0.13"

# Kubernetes backend (optional, behind "kubernetes" feature flag)
kube = { version = "0.98", features = ["client", "runtime", "ws", "derive"], optional = true }
k8s-openapi = { version = "0.24", features = ["latest"], optional = true }
schemars = { version = "0.8", optional = true }
thiserror = "2"
futures = { version = "0.3", optional = true }
serde_yaml = { version = "0.9", optional = true }

# Nomad backend (optional, behind "nomad" feature flag)
# Enterprise policy engine (optional, behind "enterprise" feature)
cedar-policy = { version = "4", optional = true }
ed25519-dalek = { version = "2", features = ["rand_core"], optional = true }
jsonwebtoken = { version = "10", optional = true }
reqwest = { version = "0.12", features = ["json", "rustls-tls", "stream"], optional = true }
webpki-roots = "1.0.6"

# Unix socket support for Firecracker API
[target.'cfg(unix)'.dependencies]
hyperlocal = "0.9"
tokio-vsock = "0.6"
libc = "0.2"

# Hyperlight for sub-millisecond Wasm sandboxes (Linux only, requires KVM)
[target.'cfg(target_os = "linux")'.dependencies]
hyperlight-wasm = { version = "0.12", optional = true }

[dev-dependencies]
tempfile = "3.0"
tokio = { version = "1.0", features = ["rt-multi-thread", "macros"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
chrono = "0.4"

[lints.clippy]
uninlined_format_args = "allow"

[profile.release]
lto = true
codegen-units = 1
opt-level = 3
strip = true