sbx/v0.34#25456
Conversation
dvdksn
commented
Jun 29, 2026
- sbx: vendor v0.34.0 cli reference
- sbx: regen release notes - v0.34.0
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
docker-agent
left a comment
There was a problem hiding this comment.
Assessment: 🟢 APPROVE
This PR vendors the sbx v0.34.0 CLI reference YAML data and regenerates the sandboxes release notes. The changes are well-structured and technically sound.
What was checked:
data/sbx_cli/*.yaml— Vendored/generated CLI reference data (auto-generated from upstream; correctly not manually edited per project conventions)content/manuals/ai/sandboxes/release-notes.md— Regenerated release notes for v0.34.0
No high or medium severity issues found. The vendored YAML files are generated content updated via the standard vendor workflow, which is the expected and correct pattern.
docker-agent
left a comment
There was a problem hiding this comment.
Assessment: 🟡 NEEDS ATTENTION
| - Add OCI v2 kit artifact streaming that decompresses the layer once to a cache directory and uses seek-based random access, so file content is not held in memory between reads. | ||
| - Restrict kit installs to an allowlist of sources, defaulting to Docker Hub (`docker.io/`) only. | ||
|
|
||
| **Breaking:** installing a kit from another registry or a Git URL fails until you add its prefix with `sbx settings set kit.allowedSources`. See [Docs: Restrict kit sources](https://docs.docker.com/ai/sandboxes/customize/kits#restrict-kit-sources) for details. |
There was a problem hiding this comment.
[MEDIUM] Bold used for a callout label, not a UI element
**Breaking:** uses bold as a label/prefix, which the style guide reserves for UI elements only. The established Docker docs pattern for breaking changes or warnings is a callout block:
> [!IMPORTANT]
> Installing a kit from another registry or a Git URL fails until you add its prefix with `sbx settings set kit.allowedSources`. See [Restrict kit sources](https://docs.docker.com/ai/sandboxes/customize/kits#restrict-kit-sources) for details.