Skip to content

feat(cli): --safe-eval first-run sandbox profile (#60)#208

Merged
quangdang46 merged 1 commit into
masterfrom
feat/safe-eval-profile
May 22, 2026
Merged

feat(cli): --safe-eval first-run sandbox profile (#60)#208
quangdang46 merged 1 commit into
masterfrom
feat/safe-eval-profile

Conversation

@quangdang46
Copy link
Copy Markdown
Owner

@quangdang46 quangdang46 commented May 22, 2026

What

Adds the safe-evaluation profile requested in issue #60. A single flag (or env var) layers a conservative sandbox on top of any other flags so users can evaluate jcode before pointing it at their main machine, primary credentials, or sensitive repositories.

Usage

jcode --safe-eval run "say hello"
JCODE_SAFE_EVAL=1 jcode run "..."

What it does

Translated at startup into env overrides (each one already honored by existing code paths in master, so this PR is a thin coordination layer + banner + docs, not a parallel reimplementation):

Env var Effect Honored by
JCODE_HOME=~/.jcode-safe-eval/ (only if not already set) Isolated config / sessions / memory / auth dir storage::jcode_dir
JCODE_OFFLINE=1 Disables update check, telemetry, model-list refresh Issue #24 / PR #197
JCODE_NO_TELEMETRY=1 Belt-and-suspenders telemetry off telemetry::is_enabled
JCODE_AMBIENT_DISABLED=1 Ambient runner does not start ambient runner gate
JCODE_NO_SELFDEV=1 Self-dev auto-detection suppressed selfdev autodetect

A short banner is printed at startup so users can confirm the profile took effect (suppressed by --quiet):

Safe-eval profile: isolated JCODE_HOME, telemetry off, offline, ambient/selfdev gated.
  JCODE_HOME = /home/<user>/.jcode-safe-eval

Changes

  • src/cli/args.rs: --safe-eval global flag.
  • src/cli/startup.rs: parse_and_prepare_args translates the flag (and pre-existing JCODE_SAFE_EVAL=1 env) into the 5 coordinated env vars.
  • docs/SAFE_EVALUATION.md (new): walks through what's disabled, what isn't, the recommended first-run workflow, cleanup (rm -rf ~/.jcode-safe-eval), and how to compose with other flags.

Tests

cargo check -p jcode --lib clean. The behavior is purely env-var translation; the downstream effects each have their own existing tests (see update::tests::check_for_update_blocking_returns_none_in_offline_mode etc.).

Closes #60

@quangdang46
feat(cli): --safe-eval first-run sandbox profile (#60)
c6678a2 
Adds the safe-evaluation profile requested in issue #60. A single
flag (or env var) layers a conservative sandbox on top of any other
flags so users can evaluate jcode before pointing it at their main
machine, primary credentials, or sensitive repositories.

Behavior:

  jcode --safe-eval run "say hello"
  JCODE_SAFE_EVAL=1 jcode run "..."

Translated at startup into env overrides:

  JCODE_HOME=~/.jcode-safe-eval/   (only when not already set)
  JCODE_OFFLINE=1
  JCODE_NO_TELEMETRY=1
  JCODE_AMBIENT_DISABLED=1
  JCODE_NO_SELFDEV=1

Each of those env vars is honored by existing code paths today —
JCODE_HOME by storage::jcode_dir, JCODE_OFFLINE by issue #24's
runtime gates, JCODE_NO_TELEMETRY by telemetry::is_enabled,
JCODE_AMBIENT_DISABLED by the ambient runner, JCODE_NO_SELFDEV
by the selfdev autodetect. So this PR is a thin coordination layer
+ a banner + documentation, not a parallel reimplementation.

A short banner is printed at startup so users can confirm the
profile took effect (suppressed by --quiet).

docs/SAFE_EVALUATION.md walks through what's disabled, what isn't,
the recommended first-run workflow, and how to compose with other
flags. Cleanup is a single `rm -rf ~/.jcode-safe-eval`.

Closes #60
@quangdang46 quangdang46 merged commit bee54ce into master May 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Upstream #62] Add a documented safe-evaluation profile for first-time jcode users

1 participant

@quangdang46