packages/core/src/services/sandboxManagerFactory.ts

/**
 * @license
 * Copyright 2026 Google LLC
 * SPDX-License-Identifier: Apache-2.0
 */

import os from 'node:os';
import {
  type SandboxManager,
  NoopSandboxManager,
  LocalSandboxManager,
} from './sandboxManager.js';
import { LinuxSandboxManager } from '../sandbox/linux/LinuxSandboxManager.js';
import { MacOsSandboxManager } from '../sandbox/macos/MacOsSandboxManager.js';
import { WindowsSandboxManager } from '../sandbox/windows/WindowsSandboxManager.js';
import type { SandboxConfig } from '../config/config.js';
import { type SandboxPolicyManager } from '../policy/sandboxPolicyManager.js';

/**
 * Creates a sandbox manager based on the provided settings.
 */
export function createSandboxManager(
  sandbox: SandboxConfig | undefined,
  workspace: string,
  policyManager?: SandboxPolicyManager,
  approvalMode?: string,
): SandboxManager {
  if (approvalMode === 'yolo') {
    return new NoopSandboxManager();
  }

  const modeConfig =
    policyManager && approvalMode
      ? policyManager.getModeConfig(approvalMode)
      : undefined;

  if (sandbox?.enabled) {
    if (os.platform() === 'win32' && sandbox?.command === 'windows-native') {
      return new WindowsSandboxManager({
        workspace,
        modeConfig,
        policyManager,
      });
    } else if (os.platform() === 'linux') {
      return new LinuxSandboxManager({
        workspace,
        modeConfig,
        policyManager,
      });
    } else if (os.platform() === 'darwin') {
      return new MacOsSandboxManager({
        workspace,
        modeConfig,
        policyManager,
      });
    }
    return new LocalSandboxManager();
  }

  return new NoopSandboxManager();
}
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00			`/**`
			`* @license`
			`* Copyright 2026 Google LLC`
			`* SPDX-License-Identifier: Apache-2.0`
			`*/`

			`import os from 'node:os';`
			`import {`
			`type SandboxManager,`
			`NoopSandboxManager,`
			`LocalSandboxManager,`
			`} from './sandboxManager.js';`
			`import { LinuxSandboxManager } from '../sandbox/linux/LinuxSandboxManager.js';`
			`import { MacOsSandboxManager } from '../sandbox/macos/MacOsSandboxManager.js';`
refactor(sandbox): reorganize Windows sandbox files (#23645) 2026-03-24 07:32:20 -07:00			`import { WindowsSandboxManager } from '../sandbox/windows/WindowsSandboxManager.js';`
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00			`import type { SandboxConfig } from '../config/config.js';`
feat(sandbox): dynamic macOS sandbox expansion and worktree support (#23301) 2026-03-23 21:48:13 -07:00			`import { type SandboxPolicyManager } from '../policy/sandboxPolicyManager.js';`
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00
			`/**`
			`* Creates a sandbox manager based on the provided settings.`
			`*/`
			`export function createSandboxManager(`
			`sandbox: SandboxConfig \| undefined,`
			`workspace: string,`
feat(sandbox): dynamic macOS sandbox expansion and worktree support (#23301) 2026-03-23 21:48:13 -07:00			`policyManager?: SandboxPolicyManager,`
			`approvalMode?: string,`
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00			`): SandboxManager {`
feat(sandbox): dynamic macOS sandbox expansion and worktree support (#23301) 2026-03-23 21:48:13 -07:00			`if (approvalMode === 'yolo') {`
			`return new NoopSandboxManager();`
			`}`

feat(core): implement Windows sandbox dynamic expansion Phase 1 and 2.1 (#23691) 2026-03-25 17:54:45 +00:00			`const modeConfig =`
			`policyManager && approvalMode`
			`? policyManager.getModeConfig(approvalMode)`
			`: undefined;`
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00
			`if (sandbox?.enabled) {`
feat(core): implement Windows sandbox dynamic expansion Phase 1 and 2.1 (#23691) 2026-03-25 17:54:45 +00:00			`if (os.platform() === 'win32' && sandbox?.command === 'windows-native') {`
			`return new WindowsSandboxManager({`
			`workspace,`
			`modeConfig,`
			`policyManager,`
			`});`
			`} else if (os.platform() === 'linux') {`
feat(sandbox): dynamic Linux sandbox expansion and worktree support (#23692) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2026-03-25 18:58:45 -07:00			`return new LinuxSandboxManager({`
			`workspace,`
			`modeConfig,`
			`policyManager,`
			`});`
feat(core): implement Windows sandbox dynamic expansion Phase 1 and 2.1 (#23691) 2026-03-25 17:54:45 +00:00			`} else if (os.platform() === 'darwin') {`
feat(sandbox): dynamic macOS sandbox expansion and worktree support (#23301) 2026-03-23 21:48:13 -07:00			`return new MacOsSandboxManager({`
			`workspace,`
			`modeConfig,`
			`policyManager,`
			`});`
feat(core): implement native Windows sandboxing (#21807) 2026-03-19 15:25:22 -07:00			`}`
			`return new LocalSandboxManager();`
			`}`

			`return new NoopSandboxManager();`
			`}`