.png)
4 months ago
18
AI is supercharging app development for everyone, but we need a safe way to run untrusted, LLM-written code. We’re introducing Sandboxes ↗, which let your Worker run actual processes in a secure, container-based environment.
import { getSandbox } from "@cloudflare/sandbox";
export { Sandbox } from "@cloudflare/sandbox";
export default {
async fetch(request: Request, env: Env) {
const sandbox = getSandbox(env.Sandbox, "my-sandbox");
return sandbox.exec("ls", ["-la"]);
},
};
- exec(command: string, args: string[], options?: { stream?: boolean }):Execute a command in the sandbox.
- gitCheckout(repoUrl: string, options: { branch?: string; targetDir?: string; stream?: boolean }): Checkout a git repository in the sandbox.
- mkdir(path: string, options: { recursive?: boolean; stream?: boolean }): Create a directory in the sandbox.
- writeFile(path: string, content: string, options: { encoding?: string; stream?: boolean }): Write content to a file in the sandbox.
- readFile(path: string, options: { encoding?: string; stream?: boolean }): Read content from a file in the sandbox.
- deleteFile(path: string, options?: { stream?: boolean }): Delete a file from the sandbox.
- renameFile(oldPath: string, newPath: string, options?: { stream?: boolean }): Rename a file in the sandbox.
- moveFile(sourcePath: string, destinationPath: string, options?: { stream?: boolean }): Move a file from one location to another in the sandbox.
- ping(): Ping the sandbox.
Sandboxes are still experimental. We're using them to explore how isolated, container-like workloads might scale on Cloudflare — and to help define the developer experience around them.
You can try it today from your Worker, with just a few lines of code. Let us know what you build.
