Sandbox Restore & API Stability
This release improves backend stability and the sandbox lifecycle.
Key API updates include removing snapshot validation to streamline operations, fetching OIDC configuration dynamically via the proxy, and refining rate limiting to separate anonymous and failed authentication attempts.
The release also brings critical fixes for the runner, specifically addressing edge cases during sandbox restoration. Issues regarding correct entrypoints on restore and race conditions (waiting for mount) have been resolved to ensure a smoother environment recovery.
Documentation has also been updated regarding network limits and audit logs.
Release Details
Features
api: tweak automatic lifecycle numbers (#3152)
api: remove snapshot validation (#3150)
docs: update network limits with comprehensive services and IP contact info (#3173)
proxy: fetch oidc config from API (#3174)
Fixes
wait for mount (#3160)
api: sandbox deletion missing calls (#3141)
docs: use correct method for sandbox preview link (#3166)
docs: audit logs auto refresh (#3167)
runner: set correct entrypoint on restore (#3145)
runner: edge case on sandbox restore (#3148)
Refactor
api: remove org permission requirement for transient registry push access (#3144)
api: mask unhandled exceptions for audit logs (#3168)
api: separate anon and failed auth rate limiting with on failed auth increments (#3103)
Chores
remove legacy demo gif (#3151)
Patches
Fixes
proxy: add missing redis tls support (#3180)