[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-75437":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":25,"readmeContent":26,"aiSummary":27,"trendingCount":15,"starSnapshotCount":15,"syncStatus":28,"lastSyncTime":29,"discoverSource":30},75437,"hf-sandbox","huggingface\u002Fhf-sandbox","huggingface","Modal-style sandbox API on top of Hugging Face Jobs",null,"Python",151,15,129,1,0,3,5,23,9,51.41,false,"main",true,[],"2026-06-12 04:01:18","\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"assets\u002Fbanner-dark.png\">\n  \u003Cimg alt=\"hf-sandbox\" src=\"assets\u002Fbanner-light.png\">\n\u003C\u002Fpicture>\n\nModal-style sandbox API on top of Hugging Face Jobs.\n\n```python\nfrom hf_sandbox import Sandbox\n\nsb = Sandbox.create(image=\"python:3.12\")\nproc = sb.exec(\"python\", \"-c\", \"print(1+1)\")  # → CompletedProcess(stdout='2\\n', returncode=0, ...)\nsb.write_file(\"\u002Ftmp\u002Ffoo.txt\", \"hello\")\nprint(sb.read_file(\"\u002Ftmp\u002Ffoo.txt\"))           # → 'hello'\nsb.terminate()\n```\n\n## How it works\n\n`Sandbox.create()` launches an HF Job that:\n\n1. `pip install`s a tiny FastAPI RPC server (FastAPI + uvicorn)\n2. starts the server on `localhost:8000`\n3. opens a free [Cloudflare Tunnel](https:\u002F\u002Fdevelopers.cloudflare.com\u002Fcloudflare-one\u002Fconnections\u002Fconnect-networks\u002F) so the master process can reach it\n\nThe client polls the job logs for the tunnel URL, then talks to the sandbox over plain HTTPS.\n\n`exec`, `write_file`, `read_file` are simple authenticated POSTs.\n`terminate()` cancels the job.\n\n## Install\n\n```bash\npip install hf-sandbox\n```\n\nRequires `hf auth login` (the same token is forwarded to the sandbox so it can access HF Hub).\n\n## Limits\n\n- Image must have Python + `pip` (used to install the RPC server and download `cloudflared`).\n- Cloudflare's free `trycloudflare.com` URLs are best-effort — fine for benchmarks, not production.\n\n## Security\n\nThe sandbox runs **untrusted code by design**. A few things to be aware of:\n\n- **HF token forwarding is opt-in.** By default, your HF token is *not* exposed to the sandbox. Pass `forward_hf_token=True` to `Sandbox.create()` if your workload needs it. With it enabled, anything running inside the sandbox can read the token from `\u002Fproc\u002Fself\u002Fenviron` and use it to act as you on the Hub.\n- **Cloudflare sees all tunnel traffic.** Requests, responses, and the auth token transit Cloudflare's infrastructure (via `trycloudflare.com`). They state they don't log it, but it's a trust relationship. Don't run sensitive workloads through it.\n- **Auth token** is a 256-bit random URL-safe string per sandbox, sent as `Bearer` on every authenticated endpoint. The tunnel URL alone gets you nothing.\n\n## Telemetry\n\n`hf-sandbox` reports anonymous usage data to help us understand how the library is used. Two events are sent per sandbox:\n\n- `hf-sandbox\u002Fcreate` — flavor, timeout, whether `forward_hf_token` was set, and a random per-sandbox session id\n- `hf-sandbox\u002Fterminate` — same session id, duration in seconds, and termination reason\n\nWe never send: the image name, commands, file paths, file contents, the tunnel URL, the auth token, your HF token, your username, or anything from inside the sandbox.\n\nDisable by setting `HF_HUB_DISABLE_TELEMETRY=1` (or `DO_NOT_TRACK=1`).\n","hf-sandbox 是一个基于 Hugging Face Jobs 的模态风格沙箱 API，允许用户在隔离环境中执行 Python 代码和文件操作。其核心功能包括通过 `Sandbox.create()` 创建沙箱环境、执行命令（`exec`）、读写文件（`read_file` 和 `write_file`）以及终止沙箱（`terminate`）。该库使用 FastAPI 和 Cloudflare Tunnel 技术实现远程过程调用，并通过 HTTPS 进行通信。适用于需要临时执行不信任代码的场景，如快速原型开发或测试等。需要注意的是，虽然提供了基本的安全措施，但运行敏感工作负载时应谨慎考虑潜在风险。",2,"2026-06-11 03:52:46","CREATED_QUERY"]