docs(sandboxes): document kit install-source allowlist (v0.34)#25454
Merged
Conversation
sbx v0.34 (docker/sandboxes#3566) restricts which sources a kit can be installed from via two new settings, secure by default:

- kit.allowedSources (default ["docker.io/"]) — host/path prefixes for remote refs; ["*"] is the escape hatch.
- kit.allowLocalKits (default true) — toggle for local dir/ZIP installs.

This is a breaking change for installs from non-Docker Hub sources (for example git+https://github.com/docker/...), and it is undocumented on the docs site. Document it in the kits page, add a troubleshooting entry for the "source is not in your allowlist" failure, and note the supply-chain control in the security model.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
docker-agent
left a comment
Contributor
Assessment: 🟡 NEEDS ATTENTION
One style issue found in the new content.
mdelapenya
approved these changes
Jun 29, 2026
usha-mandya
approved these changes
Jun 29, 2026
Summary
Document the kit install-source allowlist that shipped in sbx v0.34
(docker/sandboxes#3566) and is currently undocumented on the docs site.
The allowlist is secure by default and a breaking change for anyone
installing kits from non-Docker Hub sources (for example
git+https://github.com/docker/sbx-kits-contrib.git). Two new settings:

| Setting | Default | Environment variable |
| --- | --- | --- |
| kit.allowedSources | ["docker.io/"] | DOCKER_SANDBOXES_KIT_ALLOWED_SOURCES |
| kit.allowLocalKits | true | DOCKER_SANDBOXES_KIT_ALLOW_LOCAL |

Changes
- customize/kits.md — new "Restrict kit sources" section under Using kits: default allowlist, how to add a publisher, path-segment prefix matching, the ["*"] escape hatch, kit.allowLocalKits, and env vars.
- troubleshooting.md — new entry for the "source is not in your allowlist" failure with the fix command.
- security/_index.md — short note framing the allowlist as a supply-chain control (kit install commands run as root in the VM), linking to the kits section.
Scope
different axis (what a kit does vs. where a kit installs from) and is
held on a separate gate. This PR can land on its own.
Follow-up (not in this PR)
The v0.34.0 GitHub release notes omit this allowlist from the Kits section,
so the auto-generated release-notes.md won't pick it up when regenerated.
The upstream release note should be amended at the source.
🤖 Generated with Claude Code
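A model of the policy the summary describes (default allowlist, path-segment prefix matching, the ["*"] escape hatch, and kit.allowLocalKits), added here as an example and not taken from sbx or from this PR. The class and function names, the scheme stripping, and the refusal of `.`/`..` segments are assumptions; the `docker.io/acme` and `docker-lookalike` refs are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class KitSourcePolicy:
    # Defaults as stated on this page; the class itself is hypothetical.
    allowed_sources: list = field(default_factory=lambda: ["docker.io/"])
    allow_local_kits: bool = True


def _segments(ref: str) -> list:
    # Assumption: a scheme such as git+https:// is ignored for matching.
    rest = ref.split("://", 1)[-1]
    return [seg for seg in rest.split("/") if seg]


def is_allowed(policy: KitSourcePolicy, ref: str, local: bool = False) -> bool:
    """Return True if a kit may be installed from `ref` under `policy`."""
    if local:
        # Local directory/ZIP installs are gated by a single toggle.
        return policy.allow_local_kits
    ref_segs = _segments(ref)
    # Assumption: dot segments are refused so a ref cannot match a prefix
    # and then resolve to a different path.
    if not ref_segs or any(seg in (".", "..") for seg in ref_segs):
        return False
    for prefix in policy.allowed_sources:
        if prefix == "*":  # escape hatch: any remote source
            return True
        want = _segments(prefix)
        # Compare whole segments, so "github.com/docker" does not match
        # "github.com/docker-lookalike/...".
        if want and ref_segs[: len(want)] == want:
            return True
    return False


if __name__ == "__main__":
    refs = [
        "docker.io/acme/kit:1.0",                              # constructed
        "git+https://github.com/docker/sbx-kits-contrib.git",  # from the page
        "git+https://github.com/docker-lookalike/kit.git",     # constructed
    ]
    widened = KitSourcePolicy(["docker.io/", "github.com/docker"])
    for ref in refs:
        print(ref, is_allowed(KitSourcePolicy(), ref), is_allowed(widened, ref))
```

Comparing whole segments rather than raw string prefixes is what keeps an allowlist entry for one publisher from also admitting a sibling path that merely starts with the same characters.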