Skip to content

feat(proto,sandbox): SandboxExecService + RemoteRunner client (infra-admin P3b PR7/12)#847

Merged
intel352 merged 3 commits into
mainfrom
feat/infra-p3b-proto-client
Jun 3, 2026
Merged

feat(proto,sandbox): SandboxExecService + RemoteRunner client (infra-admin P3b PR7/12)#847
intel352 merged 3 commits into
mainfrom
feat/infra-p3b-proto-client

Conversation

@intel352
Copy link
Copy Markdown
Contributor

@intel352 intel352 commented Jun 3, 2026

PR7/12 — SandboxExecService proto + RemoteRunner client (infra-admin Phase 3b, part 1)

Locked plan Tasks 13–14; ADR 0019. The typed gRPC contract + client for dispatching a sandboxed command to a remote agent. The agent binary + engine config wiring land in PR8.

Changes

  • plugin/external/proto/sandbox_exec.proto (co-located in the existing buf module — the editor/toolchain home for all repo protos; design backport vs the plan's tentative sandbox/remote/proto): SandboxExecService { rpc Exec(SandboxExecRequest) returns (stream SandboxExecChunk); }. Typed messages (no Struct/Any). env carries UNRESOLVED secret:// refs (agent resolves them, ADR 0017); profile is the requested profile (agent clamps it, PR8). Generated via buf generate (touched only the new files).
  • sandbox/remote.RemoteRunner implements sandbox.SandboxRunner: dials over mTLS + bearer token, streams Exec, accumulates stdout/stderr + the exit code, returns *sandbox.ExecResult. Conn cached; Close() idempotent. Does NOT resolve secret:// refs (ADR 0017).

Review notes (resolved)

  • Critical: a stream that ends without an exit_code chunk (agent crash) now ERRORS instead of returning a false ExitCode:0 success.
  • Critical: connect() returns the conn (held locally) so a concurrent Close() can't nil-race it; -race tests added (16 concurrent Exec; Exec racing Close).
  • Important: NewRemoteRunner refuses a non-empty Token over a nil-TLS connection unless AllowInsecure is explicitly set (no accidental cleartext-token leak).

Verified: go build ./... exit 0; go test -race ./sandbox/remote/ pass; full go test ./... exit 0 (150 ok); full-repo golangci-lint v2.12.0 0 issues (generated .pb.go excluded — exclusions.generated: lax doesn't cover gosec G103 on protoc output, so a single \.pb\.go$ path exclusion is used).

🤖 Generated with Claude Code

intel352 and others added 2 commits June 2, 2026 21:45
@intel352 @claude
feat(proto): SandboxExecService gRPC contract (engine→remote sandbox …
4969466 
…agent)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@intel352 @claude
feat(sandbox/remote): RemoteRunner client for SandboxExecService (eng…
d37edf7 
…ine→agent)

Implements sandbox.SandboxRunner via streaming gRPC to a remote sandbox agent.
mTLS + bearer token auth. env values passed verbatim (secret:// unresolved, ADR 0017).
Tested with in-process bufconn stub; mTLS wired end-to-end in PR11 scenario.

Hardening (code review):
- Exec returns an error when the stream closes without an exit_code chunk
  (agent crash / truncated stream) instead of a silent ExecResult{ExitCode:0}.
- connect() returns the *grpc.ClientConn so Exec holds it locally; a concurrent
  Close() (conn=nil under mu) can no longer nil-deref / race an in-flight Exec.
- NewRemoteRunner rejects Token over a non-TLS connection unless AllowInsecure
  is set, preventing cleartext bearer-token leaks.
- .golangci.yml: single \.pb\.go$ path exclusion for generated code (gosec G103
  + staticcheck QF1008; gosec ignores the golangci generated: setting).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings June 3, 2026 02:05
Copilot AI reviewed Jun 3, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds the typed gRPC contract and a Go client implementation for dispatching sandboxed command execution to a remote agent (infra-admin Phase 3b, PR7/12), as groundwork for the upcoming agent binary/config wiring in PR8.

Changes:

  • Introduces SandboxExecService protobuf contract (Exec streaming stdout/stderr chunks + terminal exit_code).
  • Adds sandbox/remote.RemoteRunner implementing sandbox.SandboxRunner over gRPC with optional mTLS + bearer token auth and connection caching.
  • Updates golangci-lint config to exclude protobuf-generated *.pb.go files from linting.

Reviewed changes

Copilot reviewed 4 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
sandbox/remote/runner.go Implements RemoteRunner gRPC client, streaming exec and connection lifecycle.
sandbox/remote/runner_test.go Adds unit tests for streaming behavior, secret ref pass-through, concurrency, and auth guardrails.
plugin/external/proto/sandbox_exec.proto Defines typed proto contract for remote sandbox execution.
plugin/external/proto/sandbox_exec.pb.go Generated protobuf Go types for sandbox exec contract.
plugin/external/proto/sandbox_exec_grpc.pb.go Generated gRPC client/server bindings for sandbox exec contract.
.golangci.yml Excludes *.pb.go from golangci-lint to avoid non-actionable findings in generated code.
Files not reviewed (2)
  • plugin/external/proto/sandbox_exec.pb.go: Language not supported
  • plugin/external/proto/sandbox_exec_grpc.pb.go: Language not supported

Comment thread sandbox/remote/runner.go
Comment thread sandbox/remote/runner.go
@codecov
Copy link
Copy Markdown

codecov Bot commented Jun 3, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 42.39631% with 125 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
plugin/external/proto/sandbox_exec.pb.go 21.29% 84 Missing and 1 partial ⚠️
plugin/external/proto/sandbox_exec_grpc.pb.go 0.00% 26 Missing ⚠️
sandbox/remote/runner.go 83.13% 9 Missing and 5 partials ⚠️

📢 Thoughts on this report? Let us know!

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jun 3, 2026
edited
Loading

⏱ Benchmark Results

No significant performance regressions detected.

benchstat comparison (baseline → PR) 
## benchstat: baseline → PR
baseline-bench.txt:302: parsing iteration count: invalid syntax
baseline-bench.txt:386349: parsing iteration count: invalid syntax
baseline-bench.txt:657196: parsing iteration count: invalid syntax
baseline-bench.txt:1003097: parsing iteration count: invalid syntax
baseline-bench.txt:1379739: parsing iteration count: invalid syntax
baseline-bench.txt:1775689: parsing iteration count: invalid syntax
benchmark-results.txt:302: parsing iteration count: invalid syntax
benchmark-results.txt:325761: parsing iteration count: invalid syntax
benchmark-results.txt:605176: parsing iteration count: invalid syntax
benchmark-results.txt:892880: parsing iteration count: invalid syntax
benchmark-results.txt:1188729: parsing iteration count: invalid syntax
benchmark-results.txt:1480252: parsing iteration count: invalid syntax
goos: linux
goarch: amd64
pkg: github.com/GoCodeAlone/workflow/dynamic
cpu: AMD EPYC 7763 64-Core Processor                
                            │ benchmark-results.txt │
                            │        sec/op         │
InterpreterCreation-4                  10.13m ± 69%
ComponentLoad-4                        3.574m ±  0%
ComponentExecute-4                     1.949µ ±  1%
PoolContention/workers-1-4             1.097µ ±  1%
PoolContention/workers-2-4             1.095µ ±  1%
PoolContention/workers-4-4             1.095µ ±  2%
PoolContention/workers-8-4             1.092µ ±  1%
PoolContention/workers-16-4            1.099µ ±  3%
ComponentLifecycle-4                   3.634m ±  1%
SourceValidation-4                     2.330µ ±  3%
RegistryConcurrent-4                   805.0n ±  2%
LoaderLoadFromString-4                 3.606m ±  0%
geomean                                19.34µ

                            │ benchmark-results.txt │
                            │         B/op          │
InterpreterCreation-4                  2.027Mi ± 0%
ComponentLoad-4                        2.180Mi ± 0%
ComponentExecute-4                     1.203Ki ± 0%
PoolContention/workers-1-4             1.203Ki ± 0%
PoolContention/workers-2-4             1.203Ki ± 0%
PoolContention/workers-4-4             1.203Ki ± 0%
PoolContention/workers-8-4             1.203Ki ± 0%
PoolContention/workers-16-4            1.203Ki ± 0%
ComponentLifecycle-4                   2.183Mi ± 0%
SourceValidation-4                     1.984Ki ± 0%
RegistryConcurrent-4                   1.133Ki ± 0%
LoaderLoadFromString-4                 2.182Mi ± 0%
geomean                                15.25Ki

                            │ benchmark-results.txt │
                            │       allocs/op       │
InterpreterCreation-4                   15.68k ± 0%
ComponentLoad-4                         18.02k ± 0%
ComponentExecute-4                       25.00 ± 0%
PoolContention/workers-1-4               25.00 ± 0%
PoolContention/workers-2-4               25.00 ± 0%
PoolContention/workers-4-4               25.00 ± 0%
PoolContention/workers-8-4               25.00 ± 0%
PoolContention/workers-16-4              25.00 ± 0%
ComponentLifecycle-4                    18.07k ± 0%
SourceValidation-4                       32.00 ± 0%
RegistryConcurrent-4                     2.000 ± 0%
LoaderLoadFromString-4                  18.06k ± 0%
geomean                                  183.3

cpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
                            │ baseline-bench.txt │
                            │       sec/op       │
InterpreterCreation-4               9.515m ± 68%
ComponentLoad-4                     3.451m ± 11%
ComponentExecute-4                  1.973µ ±  1%
PoolContention/workers-1-4          1.176µ ±  0%
PoolContention/workers-2-4          1.187µ ±  2%
PoolContention/workers-4-4          1.187µ ±  2%
PoolContention/workers-8-4          1.188µ ±  1%
PoolContention/workers-16-4         1.199µ ±  2%
ComponentLifecycle-4                3.529m ±  1%
SourceValidation-4                  2.307µ ±  1%
RegistryConcurrent-4                937.1n ±  1%
LoaderLoadFromString-4              3.582m ±  2%
geomean                             20.03µ

                            │ baseline-bench.txt │
                            │        B/op        │
InterpreterCreation-4               2.027Mi ± 0%
ComponentLoad-4                     2.180Mi ± 0%
ComponentExecute-4                  1.203Ki ± 0%
PoolContention/workers-1-4          1.203Ki ± 0%
PoolContention/workers-2-4          1.203Ki ± 0%
PoolContention/workers-4-4          1.203Ki ± 0%
PoolContention/workers-8-4          1.203Ki ± 0%
PoolContention/workers-16-4         1.203Ki ± 0%
ComponentLifecycle-4                2.183Mi ± 0%
SourceValidation-4                  1.984Ki ± 0%
RegistryConcurrent-4                1.133Ki ± 0%
LoaderLoadFromString-4              2.182Mi ± 0%
geomean                             15.25Ki

                            │ baseline-bench.txt │
                            │     allocs/op      │
InterpreterCreation-4                15.68k ± 0%
ComponentLoad-4                      18.02k ± 0%
ComponentExecute-4                    25.00 ± 0%
PoolContention/workers-1-4            25.00 ± 0%
PoolContention/workers-2-4            25.00 ± 0%
PoolContention/workers-4-4            25.00 ± 0%
PoolContention/workers-8-4            25.00 ± 0%
PoolContention/workers-16-4           25.00 ± 0%
ComponentLifecycle-4                 18.07k ± 0%
SourceValidation-4                    32.00 ± 0%
RegistryConcurrent-4                  2.000 ± 0%
LoaderLoadFromString-4               18.06k ± 0%
geomean                               183.3

pkg: github.com/GoCodeAlone/workflow/middleware
cpu: AMD EPYC 7763 64-Core Processor                
                                  │ benchmark-results.txt │
                                  │        sec/op         │
CircuitBreakerDetection-4                    292.6n ± 18%
CircuitBreakerExecution_Success-4            21.57n ±  0%
CircuitBreakerExecution_Failure-4            66.29n ±  0%
geomean                                      74.79n

                                  │ benchmark-results.txt │
                                  │         B/op          │
CircuitBreakerDetection-4                    144.0 ± 0%
CircuitBreakerExecution_Success-4            0.000 ± 0%
CircuitBreakerExecution_Failure-4            0.000 ± 0%
geomean                                                 ¹
¹ summaries must be >0 to compute geomean

                                  │ benchmark-results.txt │
                                  │       allocs/op       │
CircuitBreakerDetection-4                    1.000 ± 0%
CircuitBreakerExecution_Success-4            0.000 ± 0%
CircuitBreakerExecution_Failure-4            0.000 ± 0%
geomean                                                 ¹
¹ summaries must be >0 to compute geomean

cpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
                                  │ baseline-bench.txt │
                                  │       sec/op       │
CircuitBreakerDetection-4                  460.8n ± 2%
CircuitBreakerExecution_Success-4          59.71n ± 0%
CircuitBreakerExecution_Failure-4          66.42n ± 0%
geomean                                    122.3n

                                  │ baseline-bench.txt │
                                  │        B/op        │
CircuitBreakerDetection-4                 144.0 ± 0%
CircuitBreakerExecution_Success-4         0.000 ± 0%
CircuitBreakerExecution_Failure-4         0.000 ± 0%
geomean                                              ¹
¹ summaries must be >0 to compute geomean

                                  │ baseline-bench.txt │
                                  │     allocs/op      │
CircuitBreakerDetection-4                 1.000 ± 0%
CircuitBreakerExecution_Success-4         0.000 ± 0%
CircuitBreakerExecution_Failure-4         0.000 ± 0%
geomean                                              ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/module
cpu: AMD EPYC 7763 64-Core Processor                
                                 │ benchmark-results.txt │
                                 │        sec/op         │
IaCStateBackend_InProcess-4                 314.9n ± 26%
IaCStateBackend_GRPC-4                      9.460m ±  3%
JQTransform_Simple-4                        687.1n ± 35%
JQTransform_ObjectConstruction-4            1.534µ ±  1%
JQTransform_ArraySelect-4                   3.475µ ±  0%
JQTransform_Complex-4                       39.44µ ±  1%
JQTransform_Throughput-4                    1.880µ ±  2%
SSEPublishDelivery-4                        83.15n ±  1%
geomean                                     4.013µ

                                 │ benchmark-results.txt │
                                 │         B/op          │
IaCStateBackend_InProcess-4                 416.0 ± 0%
IaCStateBackend_GRPC-4                    5.847Mi ± 9%
JQTransform_Simple-4                      1.273Ki ± 0%
JQTransform_ObjectConstruction-4          1.773Ki ± 0%
JQTransform_ArraySelect-4                 2.625Ki ± 0%
JQTransform_Complex-4                     16.31Ki ± 0%
JQTransform_Throughput-4                  1.984Ki ± 0%
SSEPublishDelivery-4                        0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

                                 │ benchmark-results.txt │
                                 │       allocs/op       │
IaCStateBackend_InProcess-4                 2.000 ± 0%
IaCStateBackend_GRPC-4                     6.835k ± 0%
JQTransform_Simple-4                        10.00 ± 0%
JQTransform_ObjectConstruction-4            15.00 ± 0%
JQTransform_ArraySelect-4                   30.00 ± 0%
JQTransform_Complex-4                       328.0 ± 0%
JQTransform_Throughput-4                    17.00 ± 0%
SSEPublishDelivery-4                        0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

cpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
                                 │ baseline-bench.txt │
                                 │       sec/op       │
IaCStateBackend_InProcess-4              340.3n ± 32%
IaCStateBackend_GRPC-4                   9.727m ± 22%
JQTransform_Simple-4                     722.7n ± 27%
JQTransform_ObjectConstruction-4         1.517µ ±  1%
JQTransform_ArraySelect-4                3.286µ ±  1%
JQTransform_Complex-4                    36.75µ ±  1%
JQTransform_Throughput-4                 1.872µ ±  1%
SSEPublishDelivery-4                     75.72n ± 10%
geomean                                  3.973µ

                                 │ baseline-bench.txt │
                                 │        B/op        │
IaCStateBackend_InProcess-4             416.0 ±  0%
IaCStateBackend_GRPC-4                5.623Mi ± 11%
JQTransform_Simple-4                  1.273Ki ±  0%
JQTransform_ObjectConstruction-4      1.773Ki ±  0%
JQTransform_ArraySelect-4             2.625Ki ±  0%
JQTransform_Complex-4                 16.31Ki ±  0%
JQTransform_Throughput-4              1.984Ki ±  0%
SSEPublishDelivery-4                    0.000 ±  0%
geomean                                             ¹
¹ summaries must be >0 to compute geomean

                                 │ baseline-bench.txt │
                                 │     allocs/op      │
IaCStateBackend_InProcess-4              2.000 ± 0%
IaCStateBackend_GRPC-4                  6.867k ± 0%
JQTransform_Simple-4                     10.00 ± 0%
JQTransform_ObjectConstruction-4         15.00 ± 0%
JQTransform_ArraySelect-4                30.00 ± 0%
JQTransform_Complex-4                    328.0 ± 0%
JQTransform_Throughput-4                 17.00 ± 0%
SSEPublishDelivery-4                     0.000 ± 0%
geomean                                             ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/schema
cpu: AMD EPYC 7763 64-Core Processor                
                                    │ benchmark-results.txt │
                                    │        sec/op         │
SchemaValidation_Simple-4                      1.094µ ± 18%
SchemaValidation_AllFields-4                   1.648µ ±  7%
SchemaValidation_FormatValidation-4            1.570µ ±  1%
SchemaValidation_ManySchemas-4                 1.780µ ±  3%
geomean                                        1.498µ

                                    │ benchmark-results.txt │
                                    │         B/op          │
SchemaValidation_Simple-4                      0.000 ± 0%
SchemaValidation_AllFields-4                   0.000 ± 0%
SchemaValidation_FormatValidation-4            0.000 ± 0%
SchemaValidation_ManySchemas-4                 0.000 ± 0%
geomean                                                   ¹
¹ summaries must be >0 to compute geomean

                                    │ benchmark-results.txt │
                                    │       allocs/op       │
SchemaValidation_Simple-4                      0.000 ± 0%
SchemaValidation_AllFields-4                   0.000 ± 0%
SchemaValidation_FormatValidation-4            0.000 ± 0%
SchemaValidation_ManySchemas-4                 0.000 ± 0%
geomean                                                   ¹
¹ summaries must be >0 to compute geomean

cpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
                                    │ baseline-bench.txt │
                                    │       sec/op       │
SchemaValidation_Simple-4                   1.027µ ±  6%
SchemaValidation_AllFields-4                1.529µ ± 46%
SchemaValidation_FormatValidation-4         1.482µ ±  1%
SchemaValidation_ManySchemas-4              1.518µ ±  6%
geomean                                     1.371µ

                                    │ baseline-bench.txt │
                                    │        B/op        │
SchemaValidation_Simple-4                   0.000 ± 0%
SchemaValidation_AllFields-4                0.000 ± 0%
SchemaValidation_FormatValidation-4         0.000 ± 0%
SchemaValidation_ManySchemas-4              0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

                                    │ baseline-bench.txt │
                                    │     allocs/op      │
SchemaValidation_Simple-4                   0.000 ± 0%
SchemaValidation_AllFields-4                0.000 ± 0%
SchemaValidation_FormatValidation-4         0.000 ± 0%
SchemaValidation_ManySchemas-4              0.000 ± 0%
geomean                                                ¹
¹ summaries must be >0 to compute geomean

pkg: github.com/GoCodeAlone/workflow/store
cpu: AMD EPYC 7763 64-Core Processor                
                                   │ benchmark-results.txt │
                                   │        sec/op         │
EventStoreAppend_InMemory-4                   1.248µ ± 15%
EventStoreAppend_SQLite-4                     1.196m ±  6%
GetTimeline_InMemory/events-10-4              14.45µ ±  5%
GetTimeline_InMemory/events-50-4              83.23µ ±  5%
GetTimeline_InMemory/events-100-4             127.7µ ±  0%
GetTimeline_InMemory/events-500-4             655.6µ ±  1%
GetTimeline_InMemory/events-1000-4            1.346m ±  1%
GetTimeline_SQLite/events-10-4                72.85µ ±  1%
GetTimeline_SQLite/events-50-4                218.7µ ±  1%
GetTimeline_SQLite/events-100-4               396.8µ ±  1%
GetTimeline_SQLite/events-500-4               1.821m ±  0%
GetTimeline_SQLite/events-1000-4              3.571m ±  0%
geomean                                       212.2µ

                                   │ benchmark-results.txt │
                                   │         B/op          │
EventStoreAppend_InMemory-4                     778.5 ± 8%
EventStoreAppend_SQLite-4                     1.985Ki ± 1%
GetTimeline_InMemory/events-10-4              7.953Ki ± 0%
GetTimeline_InMemory/events-50-4              46.62Ki ± 0%
GetTimeline_InMemory/events-100-4             94.48Ki ± 0%
GetTimeline_InMemory/events-500-4             472.8Ki ± 0%
GetTimeline_InMemory/events-1000-4            944.3Ki ± 0%
GetTimeline_SQLite/events-10-4                16.74Ki ± 0%
GetTimeline_SQLite/events-50-4                87.14Ki ± 0%
GetTimeline_SQLite/events-100-4               175.4Ki ± 0%
GetTimeline_SQLite/events-500-4               846.1Ki ± 0%
GetTimeline_SQLite/events-1000-4              1.639Mi ± 0%
geomean                                       67.26Ki

                                   │ benchmark-results.txt │
                                   │       allocs/op       │
EventStoreAppend_InMemory-4                     7.000 ± 0%
EventStoreAppend_SQLite-4                       53.00 ± 0%
GetTimeline_InMemory/events-10-4                125.0 ± 0%
GetTimeline_InMemory/events-50-4                653.0 ± 0%
GetTimeline_InMemory/events-100-4              1.306k ± 0%
GetTimeline_InMemory/events-500-4              6.514k ± 0%
GetTimeline_InMemory/events-1000-4             13.02k ± 0%
GetTimeline_SQLite/events-10-4                  382.0 ± 0%
GetTimeline_SQLite/events-50-4                 1.852k ± 0%
GetTimeline_SQLite/events-100-4                3.681k ± 0%
GetTimeline_SQLite/events-500-4                18.54k ± 0%
GetTimeline_SQLite/events-1000-4               37.29k ± 0%
geomean                                        1.162k

cpu: Intel(R) Xeon(R) Platinum 8370C CPU @ 2.80GHz
                                   │ baseline-bench.txt │
                                   │       sec/op       │
EventStoreAppend_InMemory-4                1.106µ ±  6%
EventStoreAppend_SQLite-4                  943.8µ ±  2%
GetTimeline_InMemory/events-10-4           14.80µ ±  3%
GetTimeline_InMemory/events-50-4           83.85µ ±  3%
GetTimeline_InMemory/events-100-4          165.1µ ±  3%
GetTimeline_InMemory/events-500-4          684.0µ ± 22%
GetTimeline_InMemory/events-1000-4         1.386m ±  1%
GetTimeline_SQLite/events-10-4             65.57µ ±  4%
GetTimeline_SQLite/events-50-4             224.1µ ±  1%
GetTimeline_SQLite/events-100-4            424.3µ ±  1%
GetTimeline_SQLite/events-500-4            1.992m ±  1%
GetTimeline_SQLite/events-1000-4           3.915m ±  2%
geomean                                    215.2µ

                                   │ baseline-bench.txt │
                                   │        B/op        │
EventStoreAppend_InMemory-4                 745.0 ± 12%
EventStoreAppend_SQLite-4                 1.985Ki ±  1%
GetTimeline_InMemory/events-10-4          7.953Ki ±  0%
GetTimeline_InMemory/events-50-4          46.62Ki ±  0%
GetTimeline_InMemory/events-100-4         94.48Ki ±  0%
GetTimeline_InMemory/events-500-4         472.8Ki ±  0%
GetTimeline_InMemory/events-1000-4        944.3Ki ±  0%
GetTimeline_SQLite/events-10-4            16.74Ki ±  0%
GetTimeline_SQLite/events-50-4            87.14Ki ±  0%
GetTimeline_SQLite/events-100-4           175.4Ki ±  0%
GetTimeline_SQLite/events-500-4           846.1Ki ±  0%
GetTimeline_SQLite/events-1000-4          1.639Mi ±  0%
geomean                                   67.02Ki

                                   │ baseline-bench.txt │
                                   │     allocs/op      │
EventStoreAppend_InMemory-4                  7.000 ± 0%
EventStoreAppend_SQLite-4                    53.00 ± 0%
GetTimeline_InMemory/events-10-4             125.0 ± 0%
GetTimeline_InMemory/events-50-4             653.0 ± 0%
GetTimeline_InMemory/events-100-4           1.306k ± 0%
GetTimeline_InMemory/events-500-4           6.514k ± 0%
GetTimeline_InMemory/events-1000-4          13.02k ± 0%
GetTimeline_SQLite/events-10-4               382.0 ± 0%
GetTimeline_SQLite/events-50-4              1.852k ± 0%
GetTimeline_SQLite/events-100-4             3.681k ± 0%
GetTimeline_SQLite/events-500-4             18.54k ± 0%
GetTimeline_SQLite/events-1000-4            37.29k ± 0%
geomean                                     1.162k

Benchmarks run with go test -bench=. -benchmem -count=6.
Regressions ≥ 20% are flagged. Results compared via benchstat.

@intel352 @claude
fix(sandbox/remote): break on exit_code + reject empty command (Copilot)
6ae88dd 
- Exec stops reading as soon as the terminal exit_code chunk arrives (was
  waiting for io.EOF → could hang if the agent sends exit_code but doesn't
  close the stream).
- Exec rejects an empty argv before any RPC, matching the local DockerSandbox
  runner. Test added.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@intel352 intel352 merged commit 89fdbae into main Jun 3, 2026
26 checks passed
@intel352 intel352 deleted the feat/infra-p3b-proto-client branch June 3, 2026 02:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@intel352