skz-sloptrap/tests
Samuel Aubertin 0e02b78545 Remove unused capabilities feature and cleanup
COMMIT SUMMARY
--------------
Removes the entire capabilities feature (apt-install, packet-capture) that
was unused and not actively maintained. This simplifies the codebase and
removes unnecessary complexity around capability trust, helper processes,
and pod-based capture infrastructure.

CHANGES
-------
sloptrap (main script):
  - Removed SLOPTRAP_SUPPORTED_CAPABILITIES array
  - Removed --trust-capabilities CLI flag
  - Removed capability state path management functions
  - Removed capability trust validation functions
  - Removed packet capture helper infrastructure (pod creation, helperd)
  - Removed capability-enabled container special handling
  - Removed capability build stamp tracking
  - Simplified prepare_container_runtime() - removed capability logic
  - Simplified build_image/rebuild_image - removed capability trust checks
  - Simplified run_runtime_container_cmd - removed helper process management
  - Removed capability environment variables and flags
  - Simplified dispatch_target - removed --trust-capabilities handling

Dockerfile.sloptrap (new):
  - Added new embedded Dockerfile template
  - Removed capability helper binaries from image
  - Simplified entrypoint to just codex directly
  - Removed sloptrap-entrypoint, sloptrap-helperd, slop-apt, slopcap
  - Removed CAPABILITY_PACKAGES build argument
  - Simplified RUN instructions

tests/run_tests.sh:
  - Removed run_git_ignore_mask test (was testing capability trust)
  - Updated runtime_context_prompt test (removed --trust-capabilities)
  - Updated sh_reexec test (removed --trust-capabilities)
  - Updated resume_omits_runtime_context test (removed --trust-capabilities)

tests/capability_repo/.sloptrap (deleted):
  - Removed test manifest that required capabilities

tests/invalid_manifest_capabilities/.sloptrap (deleted):
  - Removed test manifest for capability validation

REASON
------
The capabilities feature was identified as unused and unnecessary.
Maintaining it added complexity without providing value. Removing it:
  - Reduces code complexity and maintenance burden
  - Eliminates capability trust state management
  - Removes helper process infrastructure
  - Simplifies container build and runtime logic
  - Removes pod-based capture infrastructure

VERIFICATION
------------
  - All 14 regression tests pass
  - shellcheck sloptrap passes with no warnings
  - No regressions in core functionality (ignore mounts, session management,
    network isolation, etc.)

BACKWARD COMPATIBILITY
----------------------
Breaking change: Any manifests with capabilities= entries will need to be
updated to remove the capabilities key. The --trust-capabilities flag is
no longer supported.
2026-04-12 15:29:25 +02:00

Test Scenarios

This directory contains cases that stress sloptrap's hardening and deployment flow. Each subdirectory mimics a user repository and focuses on a single class of behaviour. Use run_tests.sh to execute the automated checks with stubbed tooling.

Current scenarios:

  • mount_injection/ — exercises .sloptrapignore entries containing the characters , and = to ensure mount escape characters remain escaped, and forces build_if_missing to execute the Codex download/build path.
  • root_target/ — ensures attempts to mask the project root are rejected.
  • symlink_escape/ — confirms symlink targets resolving outside the project are blocked.
  • manifest_injection/ — ensures disallowed make.* overrides abort parsing.
  • helper_symlink/ — ensures .sloptrap-ignores cannot be a symlink to directories outside the project.
  • secret_mask/ — verifies masked files remain hidden even when sloptrap remaps the workspace mount.
  • resume_target/ — verifies the resume target passes the requested session identifier to Codex.
  • auth_file_mount — verifies ~/.codex/auth.json is mounted directly into /codex/auth.json.
  • project_state_isolation — verifies different projects map /codex to different host state directories.
  • auto_login_empty_auth — verifies an empty auth.json still triggers automatic login before the main target.
  • host_network_packet_capture/ — exercises the per-run acknowledgement path for host networking combined with packet-capture.