chore(deps): bump @cloudflare/sandbox from 0.7.21 to 0.10.2

[dependabot]

Bumps @cloudflare/sandbox from 0.7.21 to 0.10.2.

Release notes

Sourced from @​cloudflare/sandbox's releases.

@​cloudflare/sandbox@​0.10.2

Patch Changes

• #695 c6bf7dc Thanks @​aron-cf! - Add sandbox.tunnels namespace with quick-tunnel support. Call sandbox.tunnels.get(port) to obtain a https://<words>.trycloudflare.com URL that proxies to localhost:<port> inside the sandbox. The call is idempotent: repeated calls for the same port return the same record from per-sandbox Durable Object storage. No Cloudflare account or DNS setup required.

  const tunnel = await sandbox.tunnels.get(8080);
  console.log(tunnel.url);
  // → https://random-words-here.trycloudflare.com
  const same = await sandbox.tunnels.get(8080);
  console.log(same.url === tunnel.url); // true
  await sandbox.tunnels.list();
  await sandbox.tunnels.destroy(8080); // or destroy(tunnel)

• #691 3ca24fc Thanks @​scuffi! - Add credential-less R2 bucket mounting via egress interception

• #703 68c8b71 Thanks @​aron-cf! - Fix inconsistencies in the sandbox.desktop interface between RPC and HTTP transports

@​cloudflare/sandbox@​0.10.1

Patch Changes

• #683 718d4e7 Thanks @​aron-cf! - readFile now accepts encoding: 'none' on the rpc transport, returning a result whose content is a ReadableStream<Uint8Array> of raw binary data with no base64 encoding or buffering. Mirrors the existing writeFile support for ReadableStream input.

  // Stream a binary file without buffering or base64 overhead (rpc transport only)
  const { content, size, mimeType } = await sandbox.readFile(
    '/workspace/image.png',
    { encoding: 'none' }
  );

@​cloudflare/sandbox@​0.10.0

Minor Changes

• #659 7c09e87 Thanks @​mvanhorn! - Update the default sandbox image runtime from Node.js 20 to Node.js 24 so published images use the current Node.js LTS release. If your workload needs a different Node.js version, build a custom image with the NODE_VERSION Docker build argument.

Patch Changes

• #679 21a5a2e Thanks @​aron-cf! - Fixed createBackup and restoreBackup with localBucket: true failing on the rpc transport for archives larger than ~24 MiB.

• #659 7c09e87 Thanks @​mvanhorn! - Add NODE_VERSION build arg to the Dockerfile, allowing operators to customize the Node.js version used in sandbox container images.

@​cloudflare/sandbox@​0.9.4

Patch Changes

• #669 10d3239 Thanks @​aron-cf! - Ensure the RPC transport successfully connects once the container has started. This should reduce the likelihood of hitting an `RPCTransportError: WebSocket upgrade failed: 503 Service

... (truncated)

Commits

• 3b58a22 Version Packages (#699)
• 68c8b71 Fix inconsistent interfaces between HTTP and RPC clients (#703)
• 3ca24fc Implement no credential R2 binding mount support (#691)
• 9e9e3f8 Bump turbo from 2.9.6 to 2.9.14 (#713)
• dbcc489 fixup! Fix tunnels RPC when using vite-plugin
• 2aca660 fixup! Attempt to fix tunnels rpc
• aa1d485 fixup! Attempt to fix tunnels rpc
• 412ed98 Fix tunnels RPC when using vite-plugin
• 154861e Bump idna from 3.11 to 3.15 in /bridge/examples/workspace-chat/backend (#707)
• 67406b4 Bump ws from 8.20.0 to 8.20.1 (#705)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #31.