#供应链 #沙盒 #交互式用户界面 #安全 #项目 #攻击 #终端界面

app skeld

一个交互式用户界面工具,用于在受限沙盒中打开项目,以防止诸如拼写抢注(typosquatting)之类的供应链攻击

2 个不稳定版本

0.2.0 2024年8月2日
0.1.0 2024年7月13日

#98命令行界面

Download history 130/week @ 2024-07-13 3/week @ 2024-07-20 61/week @ 2024-07-27 41/week @ 2024-08-03 1/week @ 2024-08-10

每月 107 次下载

MIT 许可证

69KB
2K SLoC

Skeld

编程是持续远程代码执行。

或者你已经检查了所有的依赖项了吗?

Skeld 通过在受限沙盒中打开项目来降低这种风险,沙盒中只有必需的路径是可访问的。可以通过终端用户界面方便地在沙盒中打开项目。

screenshot of the skeld tui

安装

请注意,仅支持Linux。

[!IMPORTANT] Bubblewrap 必须在 PATH 中可用,因为它在内部用于创建沙盒

发布

# NOTE(review): the release tag in this URL (v0.1.0) does not match the version
# in the asset file name (0.2.0) — confirm the correct asset URL on the
# project's releases page before downloading.
wget https://github.com/hacrvlq/skeld/releases/download/v0.1.0/skeld-0.2.0-x86_64
# This is a prebuilt binary. If the project publishes a checksum or signature
# for the asset, verify it before marking the file executable and running it.
chmod +x skeld-0.2.0-x86_64
./skeld-0.2.0-x86_64

crates.io(需要 cargo)

# Builds skeld and its dependencies from crates.io on this machine.
# 'cargo install --locked skeld' uses the dependency versions recorded in the
# crate's Cargo.lock (if one is published) instead of re-resolving them to the
# newest compatible releases at install time.
cargo install skeld
# make sure that the cargo bin path (by default ~/.cargo/bin) is included in PATH

从源码构建(需要 rust 编译器)

# --depth=1 fetches only the tip of the default branch, which may differ from
# the published 0.2.0 release; check out a release tag if you want to build
# exactly what was released.
$ git clone --depth=1 https://github.com/hacrvlq/skeld
$ cd skeld
# release build; the resulting binary is ./target/release/skeld
$ cargo build --release
$ ./target/release/skeld

用法

skeld
# Use Up/Down/J/K to select and Enter to confirm
# The mouse is also supported

[!IMPORTANT] 在没有任何配置的情况下,skeld 显示一个空白屏幕。请继续阅读以创建项目/书签/命令。

项目/配置文件位于 $XDG_CONFIG_HOME/skeld(后备 ~/.config/skeld)或 $XDG_DATA_HOME/skeld(后备 ~/.local/share/skeld)。这两个目录被称为 <SKELD-DATA>

项目

要创建一个项目,创建一个包含以下内容的文件 <SKELD-DATA>/projects/<project-name>.toml

# root directory of project
project-dir = "..."
# path (relative to 'project-dir') to initial opened file (optional)
initial-file = "..."
# automatically open project in nix-shell if 'shell.nix' or 'default.nix' exist
auto-nixshell = true # Default: false

# Every path listed in this group is reachable by code running inside the
# sandbox (editor, plugins, build scripts, dependencies), so list only what
# the project actually needs.

# whitelist paths allowing device access
whitelists-dev = [ "..." ]
# whitelist paths read-write
# (code inside the sandbox can modify anything listed here)
whitelists-rw = [
  # paths support some basic string interpolation (see #String Interpolation)
  "$(DATA)/nvim",
]
# whitelist paths read-only
whitelists-ro = [ "..." ]
# whitelist symlinks
whitelists-ln = [ "..." ]
# mount a tmpfs to the specified paths
add-tmpfs = [ "..." ]

# if 'whitelist-all-envvars' is true, all environment variables remain accessible;
# otherwise only the variables in 'whitelists-envvar' are transferred into the sandbox
# NOTE(review): with 'true', anything exported in the launching shell (API
# tokens or credentials held in variables, for example) is visible to code
# running inside the sandbox. Keeping the default 'false' and naming only the
# required variables in 'whitelists-envvar' is the narrower setting.
whitelist-all-envvars = true # Default: false
whitelists-envvar = [ "..." ]

# include options from other project files
# NOTE: circular includes are allowed
# NOTE(review): an included file contributes options to this project, so it is
# part of the sandbox policy. Keep included files (and the <SKELD-DATA>
# directories) out of 'whitelists-rw'; otherwise code running in the sandbox
# could edit the policy applied the next time the project is opened.
include = [
  # relative paths are searched for in <SKELD-DATA>/include
  "rust.toml",
  # absolute paths are also supported
  "/etc/system.toml",
]

# editor to open project
[project.editor]
# used if 'default-file' is set,
# '$(FILE)' is replaced with the value of 'default-file'
# NOTE(review): no 'default-file' key appears in this example; these comments
# presumably refer to 'initial-file' above — confirm against the tool.
cmd-with-file = ["nvim", "$(FILE)"]
# used if 'default-file' is not set
cmd-without-file = ["nvim", "."]
# whether to detach the editor from the terminal
# when true 'skeld' terminates after project has been opened
# should be true for GUI editors and false for TUI editors
detach = false

字符串插值

在期望路径的地方,可以使用以下占位符

占位符 替换
$[ENVVAR] 环境变量 ENVVAR 的值
$[ENVVAR:ALTVAL] 如果存在,则替换为环境变量 ENVVAR 的值,否则替换为 ALTVAL
$(CONFIG) 如果存在,则为 XDG_CONFIG_HOME,否则为 ~/.config
$(CACHE) 如果存在,则为 XDG_CACHE_HOME,否则为 ~/.cache
$(DATA) 如果存在,则为 XDG_DATA_HOME,否则为 ~/.local/share
$(STATE) 如果存在,则为 XDG_STATE_HOME,否则为 ~/.local/state

配置

配置位于 $XDG_CONFIG_HOME/config.toml(后备 ~/.config/skeld)。以下选项被支持

# banner shown at the top
# example was generated with figlet using larry3d font
banner = '''
                               __
  ___      __    ___   __  __ /\_\    ___ ___
/' _ `\  /'__`\ / __`\/\ \/\ \\/\ \ /' __` __`\
/\ \/\ \/\  __//\ \_\ \ \ \_/ |\ \ \/\ \/\ \/\ \
\ \_\ \_\ \____\ \____/\ \___/  \ \_\ \_\ \_\ \_\
 \/_/\/_/\/____/\/___/  \/__/    \/_/\/_/\/_/\/_/
'''

[colorscheme]
# colors can be specified as hex color codes
neutral = "#DCD7BA"
# or as ansi color codes (see https://en.wikipedia.org/wiki/ANSI_escape_code#8-bit)
banner = 3
heading = "#C0A36E"
label = "#727169"
keybind = "#6A9589"

[[commands]]
name = "<edit>"
keybind = "e"
command = ["nvim"]
# see 'detach' in #Projects
detach = false

[[commands]]
name = "<quit>"
keybind = "q"
# if command is empty, skeld exits without doing anything
command = []
# see 'detach' in #Projects
detach = false

[project]
# user-wide project data (see #Projects for supported options)
# These settings are user-wide, so whatever is whitelisted here is exposed to
# the sandbox of every project, not just one.
# below are some useful settings for the neovim editor:
# NOTE(review): the read-write paths below are shared by all sandboxed projects
# and writable from inside each of them — review whether that is acceptable.
whitelists-rw = [
	"$(DATA)/nvim",
	"$(STATE)/nvim",

	# NOTE(review): '/sys' is listed read-write; if read access is enough for
	# the editor, 'whitelists-ro' would be the narrower choice — confirm.
	"/sys",
]
# fresh tmpfs mounts at these paths (see 'add-tmpfs' in #Projects)
add-tmpfs = [
	"/tmp",
	"/var",
]
# readable but not writable from inside the sandbox
whitelists-ro = [
	"~/.bashrc",
	"$(CONFIG)/nvim",

	"/usr",
	"/etc",
]
whitelists-ln = [
	"/bin",
	"/lib",
	"/lib64",
]
# NOTE(review): 'true' passes every environment variable of the launching shell
# into the sandbox, including any tokens or credentials stored in variables.
# The default is false; 'whitelists-envvar' can name just the variables needed.
whitelist-all-envvars = true

[project.editor]
cmd-with-file = ["nvim", "$(FILE)"]
cmd-without-file = ["nvim", "."]
detach = false

书签

书签位于 <SKELD-DATA>/bookmarks。注意,文件需要 toml 扩展名才能被识别。

name = "nvim"
keybind = "cv"

[project]
# see #Projects
  1. 这可能有点夸张。

依赖项

约 5–13MB
约 144K SLoC