lha_cli/
lib.rs

1pub mod debug_sandbox;
2mod entry;
3mod exit_status;
4mod product;
5#[cfg(test)]
6mod product_tests;
7#[cfg(test)]
8mod test_support;
9
10pub use crate::product::common::CliConfigOverrides;
11use clap::Parser;
12
13#[derive(Debug, Parser)]
14pub struct SeatbeltCommand {
15    /// Convenience alias for low-friction sandboxed automatic execution (network-disabled sandbox that can write to cwd and TMPDIR)
16    #[arg(long = "full-auto", default_value_t = false)]
17    pub full_auto: bool,
18
19    /// While the command runs, capture macOS sandbox denials via `log stream` and print them after exit
20    #[arg(long = "log-denials", default_value_t = false)]
21    pub log_denials: bool,
22
23    #[clap(skip)]
24    pub config_overrides: CliConfigOverrides,
25
26    /// Full command args to run under seatbelt.
27    #[arg(trailing_var_arg = true)]
28    pub command: Vec<String>,
29}
30
31#[derive(Debug, Parser)]
32pub struct LandlockCommand {
33    /// Convenience alias for low-friction sandboxed automatic execution (network-disabled sandbox that can write to cwd and TMPDIR)
34    #[arg(long = "full-auto", default_value_t = false)]
35    pub full_auto: bool,
36
37    #[clap(skip)]
38    pub config_overrides: CliConfigOverrides,
39
40    /// Full command args to run under landlock.
41    #[arg(trailing_var_arg = true)]
42    pub command: Vec<String>,
43}
44
45#[derive(Debug, Parser)]
46pub struct WindowsCommand {
47    /// Convenience alias for low-friction sandboxed automatic execution (network-disabled sandbox that can write to cwd and TMPDIR)
48    #[arg(long = "full-auto", default_value_t = false)]
49    pub full_auto: bool,
50
51    #[clap(skip)]
52    pub config_overrides: CliConfigOverrides,
53
54    /// Full command args to run under Windows restricted token sandbox.
55    #[arg(trailing_var_arg = true)]
56    pub command: Vec<String>,
57}
58
59pub use entry::main;
lha_cli/lib.rs

lha_cli/
lib.rs
