Merge branch 'master' into update/scalatest-flatspec-3.2.20

Author: adamw

.devcontainer/Dockerfile.app

@@ -1,50 +1,61 @@
 FROM mcr.microsoft.com/devcontainers/base:debian
 
-# gosu is used by the entrypoint to drop privileges.
 # ca-certificates, curl, git are already in the devcontainers base image.
+# fd-find:  fast file finder (aliased to fd below)
+# fzf:      fuzzy finder for files and command history
+# gh:       GitHub CLI
+# gosu:     drops privileges in the entrypoint
+# jq:       JSON processor
+# ripgrep:  fast recursive grep (rg)
+# tmux:     terminal multiplexer
+# vim:      text editor
 RUN apt-get update \
-    && apt-get install -y --no-install-recommends gh gosu jq vim \
+    && apt-get install -y --no-install-recommends fd-find fzf gh gosu jq ripgrep tmux vim \
+    && ln -s $(which fdfind) /usr/local/bin/fd \
     && rm -rf /var/lib/apt/lists/*
 
 COPY --chmod=755 sandcat/scripts/app-init.sh /usr/local/bin/app-init.sh
 COPY --chmod=755 sandcat/scripts/app-user-init.sh /usr/local/bin/app-user-init.sh
+COPY --chown=vscode:vscode sandcat/tmux.conf /home/vscode/.tmux.conf
 
 USER vscode
 
-# Install mise (SDK manager), then use it to install Node.js and Claude Code.
+# Install Claude Code (native binary — no Node.js required).
+RUN curl -fsSL https://claude.ai/install.sh | bash
+
+# Install mise (SDK manager) for language toolchains.
 RUN curl https://mise.run | sh
 # Make mise available in login shells (su - vscode) and Docker CMD/RUN.
 RUN echo 'export PATH="/home/vscode/.local/bin:/home/vscode/.local/share/mise/shims:$PATH"' >> /home/vscode/.profile
 ENV PATH="/home/vscode/.local/bin:/home/vscode/.local/share/mise/shims:$PATH"
-RUN mise use -g node@lts \
-    && npm install -g @anthropic-ai/claude-code
-
-RUN mise use -g java@21
-RUN mise use -g sbt@1.12
 
-# If Java was installed above, bake JAVA_HOME and trust-store paths into the
-# image.  VS Code may probe the environment before the entrypoint finishes
-# importing the mitmproxy CA; having these ready avoids a race where Metals
-# (or other JVM tooling) starts without JAVA_HOME or JAVA_TOOL_OPTIONS.
-# The entrypoint will import the mitmproxy CA into the cacerts copy at runtime.
+# Development stacks (managed by sandcat init --stacks):
+RUN mise use -g java@lts
+RUN mise use -g scala@latest && mise use -g sbt@latest
+# END STACKS
+
+# If Java was installed above, bake JAVA_HOME and JAVA_TOOL_OPTIONS into
+# .bashrc so VS Code's env probe picks them up before the entrypoint runs.
+# Without JAVA_HOME, JVM tooling like Metals fails to find the JDK.
+# JAVA_TOOL_OPTIONS points to a trust store copy that the entrypoint will
+# populate with the mitmproxy CA at runtime; until then it holds the default
+# Java CAs (harmless — equivalent to not setting it at all).
+# A version-independent symlink is used so .bashrc doesn't need updating
+# when the Java version changes — only the symlink target is updated.
 RUN if MISE_JAVA=$(mise where java 2>/dev/null); then \
     dir="$HOME/.local/share/sandcat"; mkdir -p "$dir"; \
     ln -sfn "$MISE_JAVA" "$dir/java-home"; \
     cp "$MISE_JAVA/lib/security/cacerts" "$dir/cacerts" 2>/dev/null || true; \
     { echo ''; \
     echo '# sandcat-java-env'; \
-    echo '_sc_java="$HOME/.local/share/sandcat/java-home"'; \
-    echo '_sc_cacerts="$HOME/.local/share/sandcat/cacerts"'; \
-    echo '[ -L "$_sc_java" ] && export JAVA_HOME="$_sc_java"'; \
-    echo '[ -f "$_sc_cacerts" ] && export JAVA_TOOL_OPTIONS="-Djavax.net.ssl.trustStore=$_sc_cacerts -Djavax.net.ssl.trustStorePassword=changeit"'; \
-    echo 'unset _sc_java _sc_cacerts'; \
+    echo '[ -L "$HOME/.local/share/sandcat/java-home" ] && export JAVA_HOME="$HOME/.local/share/sandcat/java-home"'; \
+    echo '[ -f "$HOME/.local/share/sandcat/cacerts" ] && export JAVA_TOOL_OPTIONS="-Djavax.net.ssl.trustStore=$HOME/.local/share/sandcat/cacerts -Djavax.net.ssl.trustStorePassword=changeit"'; \
     } >> "$HOME/.bashrc"; \
     fi
 
-# Pre-create the Claude config directory and seed onboarding flag so Claude
-# Code can use an API key from the environment without interactive setup.
-RUN mkdir -p /home/vscode/.claude \
-    && echo '{"hasCompletedOnboarding":true}' > /home/vscode/.claude.json
+# Pre-create ~/.claude so Docker bind-mounts (CLAUDE.md, agents/, commands/)
+# don't cause it to be created as root-owned.
+RUN mkdir -p /home/vscode/.claude
 
 RUN echo 'alias claude-yolo="claude --dangerously-skip-permissions"' >> /home/vscode/.bashrc
 

.devcontainer/compose-all.yml

@@ -1,10 +1,8 @@
-name: sttp
-
+name: sttp-sandbox
 include:
   - path: sandcat/compose-proxy.yml
-
 services:
-  app:
+  agent:
     build:
       context: .
       dockerfile: Dockerfile.app
@@ -13,29 +11,39 @@ services:
     # so processes inside cannot modify routing, iptables, or the tunnel.
     network_mode: "service:wg-client"
     volumes:
-      # Mount the project's code
-      - ..:/workspaces/sttp:cached
-      # Overlay .devcontainer as read-only so the agent cannot modify its
-      # own sandbox (scripts, compose files, Dockerfile, devcontainer.json).
-      - ../.devcontainer:/workspaces/sttp/.devcontainer:ro
       # Named volume for the home directory so Claude Code auth state,
       # shell history, and other user-level config persist across rebuilds.
       - app-home:/home/vscode
       # Shared volume from mitmproxy containing the CA cert and
       # sandcat.env (env vars + secret placeholders). Read-only — app
       # containers should never write to this.
       - mitmproxy-config:/mitmproxy-config:ro
-      # Bind-mount host Claude Code customizations (read-only) so personal
-      # settings, agents, and slash commands carry into the container.
-      # Remove any mount whose source does not exist on your host —
-      # Docker will otherwise create an empty directory in its place.
-      - ~/.claude/CLAUDE.md:/home/vscode/.claude/CLAUDE.md:ro
-      - ~/.claude/agents:/home/vscode/.claude/agents:ro
-      - ~/.claude/commands:/home/vscode/.claude/commands:ro
+      # Mount the project's code
+      - ..:/workspaces/sttp-sandbox
+      # Read-only devcontainer directory
+      - ../.devcontainer:/workspaces/sttp-sandbox/.devcontainer:ro
+      # Read-only settings directory
+      - ../.sandcat:/workspaces/sttp-sandbox/.sandcat:ro
+      # Host Claude config (optional)
+      - ${HOME}/.claude/CLAUDE.md:/home/vscode/.claude/CLAUDE.md:ro
+      - ${HOME}/.claude/agents:/home/vscode/.claude/agents:ro
+      - ${HOME}/.claude/commands:/home/vscode/.claude/commands:ro
+      # Read-only Git directory
+      # - ../.git:/workspace/.git:ro
+      # Read-only IntelliJ IDEA project directory
+      # - ../.idea:/workspace/.idea:ro
     command: sleep infinity
+    environment:
+      - CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1
     depends_on:
       wg-client:
         condition: service_healthy
-
+    working_dir: /workspaces/sttp-sandbox
+  mitmproxy:
+    volumes:
+      - ../.sandcat:/config/project:ro
+      # Project-level settings (.sandcat/ directory). If the directory does
+      # not exist on the host, Docker creates an empty one and the addon
+      # simply finds no files — no error.
 volumes:
   app-home:

.devcontainer/devcontainer.json

@@ -1,14 +1,14 @@
 {
-	"name": "sttp",
+	"name": "sttp-sandbox",
 	"dockerComposeFile": "compose-all.yml",
-	"service": "app",
-	"workspaceFolder": "/workspaces/sttp",
+	"service": "agent",
+	"workspaceFolder": "/workspaces/sttp-sandbox",
 	// Remove credential sockets that VS Code forwards into the container
 	// (SSH agent, git credential helper).  Clearing env vars alone only
 	// hides the paths — the socket files in /tmp can still be discovered
 	// by scanning.  The post-start script deletes them as best-effort
 	// hardening.
-	"postStartCommand": "bash /workspaces/sttp/.devcontainer/sandcat/scripts/app-post-start.sh",
+	"postStartCommand": "bash /workspaces/sttp-sandbox/.devcontainer/sandcat/scripts/app-post-start.sh",
 	// VS Code forwards host credential sockets into containers by default.
 	// Clear them so container code cannot use host SSH keys, GPG signing,
 	// or VS Code's git credential helpers to authenticate as the host user.
@@ -22,7 +22,8 @@
 			"extensions": [
 				"anthropic.claude-code",
 				"github.vscode-pull-request-github",
-				"scalameta.metals"
+				"redhat.java",
+				"scalameta.metals",
 			],
 			"settings": {
 				// Prevent VS Code from copying host .gitconfig into the

.devcontainer/sandcat/compose-proxy.yml

@@ -20,23 +20,21 @@ services:
       interval: 2s
       timeout: 2s
       retries: 15
-
   mitmproxy:
-    image: mitmproxy/mitmproxy:latest
+    image: ghcr.io/virtuslab/sandcat-mitmproxy-op:latest
     command: mitmweb --mode wireguard --web-host 0.0.0.0 --set web_password=mitmproxy -s /scripts/mitmproxy_addon.py
     ports:
       - "8081" # mitmweb UI; host port assigned dynamically to avoid conflicts
     volumes:
       - mitmproxy-config:/home/mitmproxy/.mitmproxy
       - ./scripts/mitmproxy_addon.py:/scripts/mitmproxy_addon.py:ro
       - ~/.config/sandcat/settings.json:/config/settings.json:ro
-    cap_add:
-      - NET_ADMIN
     healthcheck:
       test: ["CMD", "test", "-f", "/home/mitmproxy/.mitmproxy/wireguard.conf"]
       interval: 2s
       timeout: 2s
       retries: 15
-
+    environment:
+      - OP_SERVICE_ACCOUNT_TOKEN
 volumes:
   mitmproxy-config:

.devcontainer/sandcat/scripts/__pycache__/mitmproxy_addon.cpython-314.pyc

@@ -1,24 +1,22 @@
 #!/bin/bash
 #
 # Entrypoint for containers that share the wg-client's network namespace.
-# Installs the mitmproxy CA cert, loads env vars and secret placeholders
-# from sandcat.env, then hands off to the container's main command.
+# Installs the mitmproxy CA cert, disables commit signing, loads env vars
+# and secret placeholders from sandcat.env, runs vscode-user setup (git
+# identity, Java trust store, Claude Code update), then drops to vscode
+# and exec's the container's main command.
 #
 set -e
 
 CA_CERT="/mitmproxy-config/mitmproxy-ca-cert.pem"
 
-# The CA cert should already exist (wg-client depends_on mitmproxy healthy),
-# but wait briefly in case of a slight race on the shared volume.
-elapsed=0
-while [ ! -f "$CA_CERT" ]; do
-    if [ "$elapsed" -ge 30 ]; then
-        echo "Timed out waiting for mitmproxy CA cert" >&2
-        exit 1
-    fi
-    sleep 1
-    elapsed=$((elapsed + 1))
-done
+# The CA cert is guaranteed to exist: app depends_on wg-client (healthy),
+# which depends_on mitmproxy (healthy), whose healthcheck requires the
+# WireGuard config — generated after the CA.
+if [ ! -f "$CA_CERT" ]; then
+    echo "mitmproxy CA cert not found at $CA_CERT" >&2
+    exit 1
+fi
 
 cp "$CA_CERT" /usr/local/share/ca-certificates/mitmproxy.crt
 update-ca-certificates
@@ -55,7 +53,7 @@ else
     echo "No $SANDCAT_ENV found — env vars and secret substitution disabled"
 fi
 
-# Run vscode-user tasks: git identity and Claude Code update.
+# Run vscode-user tasks: git identity, Java trust store, Claude Code update.
 su - vscode -c /usr/local/bin/app-user-init.sh
 
 # Source all sandcat profile.d scripts from /etc/bash.bashrc so env vars

.devcontainer/sandcat/scripts/app-init.sh

@@ -19,11 +19,18 @@ fi
 # repo-level config.
 git config --global commit.gpgsign false
 
+# SSH keys are not available in the container (SSH_AUTH_SOCK is cleared
+# and credential sockets are removed), so rewrite git SSH URLs to HTTPS.
+# Sandcat's secret substitution handles GitHub token authentication over
+# HTTPS transparently.
+git config --global --replace-all url."https://github.com/".insteadOf "git@github.com:" "git@github.com:"
+git config --global --replace-all url."https://github.com/".insteadOf "ssh://git@github.com/" "ssh://git@github.com/"
+
 # If Java is installed (via mise), import the mitmproxy CA into Java's trust
 # store. Java uses its own cacerts and ignores the system CA store.
 CA_CERT="/mitmproxy-config/mitmproxy-ca-cert.pem"
 
-# Ensure mise is on PATH.  `su - vscode` resets the environment and sources
+# Ensure mise is on PATH. `su - vscode` resets the environment and sources
 # only the first of ~/.bash_profile, ~/.bash_login, ~/.profile.  If
 # ~/.bash_profile exists (e.g. created by VS Code on a persistent volume),
 # ~/.profile — where the Dockerfile adds mise — is never read.
@@ -33,8 +40,8 @@ fi
 
 MISE_JAVA_HOME="$(mise where java 2>/dev/null || true)"
 if [ -n "$MISE_JAVA_HOME" ] && [ -f "$CA_CERT" ]; then
-    # Create a version-independent symlink so JAVA_HOME (exported via
-    # /etc/profile.d/) doesn't depend on the mise Java version.
+    # Create a version-independent symlink so JAVA_HOME doesn't depend
+    # on the mise Java version.
     SANDCAT_DIR="$HOME/.local/share/sandcat"
     mkdir -p "$SANDCAT_DIR"
     ln -sfn "$MISE_JAVA_HOME" "$SANDCAT_DIR/java-home"
@@ -69,25 +76,17 @@ if [ -n "$MISE_JAVA_HOME" ] && [ -f "$CA_CERT" ]; then
   }
 }
 EOFJSON
-    fi
-
-    # Write Java env vars to ~/.bashrc (on the persistent app-home volume)
-    # so VS Code's userEnvProbe picks them up even after container rebuild.
-    # The Dockerfile bakes these into the image for first-run, but rebuilds
-    # with a changed toolchain need the runtime fallback.
-    BASHRC_JAVA_MARKER="# sandcat-java-env"
-    if ! grep -q "$BASHRC_JAVA_MARKER" "$HOME/.bashrc" 2>/dev/null; then
-        cat >> "$HOME/.bashrc" << 'BASHRC_JAVA'
 
-# sandcat-java-env
-_sc_java="$HOME/.local/share/sandcat/java-home"
-_sc_cacerts="$HOME/.local/share/sandcat/cacerts"
-[ -L "$_sc_java" ] && export JAVA_HOME="$_sc_java"
-[ -f "$_sc_cacerts" ] && export JAVA_TOOL_OPTIONS="-Djavax.net.ssl.trustStore=$_sc_cacerts -Djavax.net.ssl.trustStorePassword=changeit"
-unset _sc_java _sc_cacerts
-BASHRC_JAVA
     fi
 fi
 
-# Best-effort: may fail if network isn't routed yet or CLI was just installed.
-claude update || true
+# Seed the onboarding flag so Claude Code uses the API key without interactive
+# setup. Only written when the user configured an ANTHROPIC_API_KEY secret.
+if [ -n "${ANTHROPIC_API_KEY:-}" ]; then
+    echo '{"hasCompletedOnboarding":true}' > "$HOME/.claude.json"
+fi
+
+# Claude Code is installed at build time (Dockerfile.app).
+# Background update so it doesn't block startup.
+(claude install >/dev/null 2>&1 &)
+