)]}'
{"id":"snix~30583","triplet_id":"snix~canon~I46e3856b7d5d8a65abd4938e713ecaece61f24cc","project":"snix","branch":"canon","attention_set":{},"removed_from_attention_set":{"1000004":{"account":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"last_update":"2025-10-22 07:05:04.000000000","reason":"Removed by \u003cGERRIT_ACCOUNT_1000004\u003e by clicking the attention icon","reason_account":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}},"1000010":{"account":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"last_update":"2026-05-16 09:22:19.000000000","reason":"Change was abandoned"}},"hashtags":[],"change_id":"I46e3856b7d5d8a65abd4938e713ecaece61f24cc","subject":"feat(build): add embedded-sandbox-shell support for OCI builds","status":"ABANDONED","created":"2025-06-27 19:51:18.000000000","updated":"2026-05-16 09:22:19.000000000","total_comment_count":38,"unresolved_comment_count":0,"has_review_started":true,"meta_rev_id":"3f6ceb6debc24c0cf07685659c242d8c4b1457aa","_number":30583,"virtual_id_number":30583,"owner":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"actions":{},"labels":{"Code-Review":{"all":[{"value":0,"permitted_voting_range":{"min":-1,"max":1},"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},{"value":0,"permitted_voting_range":{"min":-2,"max":2},"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}],"values":{"-2":"This shall not be merged","-1":"I would prefer this is not merged as is"," 0":"No score","+1":"Looks good to me, but someone else must approve","+2":"Looks good to me, approved"},"description":"","default_value":0,"optional":true},"Verified":{"rejected":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"all":[{"tag":"autogenerated:buildkite~result","value":-1,"date":"2025-07-08 21:36:37.000000000","permitted_voting_range":{"min":-1,"max":1},"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}],"values":{"-1":"Fails"," 0":"No score","+1":"Verified"},"description":"","default_value":0,"optional":true},"Autosubmit":{"all":[{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}],"values":{" 0":"Submit manually","+1":"Submit automatically"},"description":"","default_value":0,"optional":true}},"removable_reviewers":[],"reviewers":{"REVIEWER":[{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}]},"pending_reviewers":{},"reviewer_updates":[{"updated":"2025-06-27 19:51:19.000000000","updated_by":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"reviewer":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"state":"CC"},{"updated":"2025-06-27 20:05:31.000000000","updated_by":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"reviewer":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"state":"REVIEWER"},{"updated":"2025-06-28 20:31:55.000000000","updated_by":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"reviewer":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"state":"CC"},{"updated":"2025-06-30 10:16:23.000000000","updated_by":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"reviewer":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"state":"REVIEWER"}],"messages":[{"id":"9e4ab99ba23f2e286714eb2d79e562332079e6dc","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-06-27 19:51:18.000000000","message":"Uploaded patch set 1.","accounts_in_message":[],"_revision_number":1},{"id":"903641a06a0b03936ddb24acedc91a5e0ec17181","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 19:51:19.000000000","message":"Patch Set 1:\n\nStarted build for patchset #1 on: https://buildkite.com/snix/snix/builds/1379","accounts_in_message":[],"_revision_number":1},{"id":"a841df03b41ad6191774b65ac3a05885dd804174","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-06-27 19:54:46.000000000","message":"Uploaded patch set 2.","accounts_in_message":[],"_revision_number":2},{"id":"d8103697c66a30be6ee9648c0be6cddc8065836f","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 19:54:47.000000000","message":"Patch Set 2:\n\nStarted build for patchset #2 on: https://buildkite.com/snix/snix/builds/1380","accounts_in_message":[],"_revision_number":2},{"id":"4847d7d949f3ee039377fe3e250bbbc39542b288","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 20:05:31.000000000","message":"Patch Set 2: Verified-1\n\nBuild of patchset 2 failed: https://buildkite.com/snix/snix/builds/1380","accounts_in_message":[],"_revision_number":2},{"id":"c6168cfdeb1121282d4c1b29601fa702a1e0ac17","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-06-27 20:08:55.000000000","message":"Uploaded patch set 3.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":3},{"id":"66df6fb421f7ca915aeafc572bd4b8de3274770c","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 20:08:55.000000000","message":"Patch Set 3:\n\nStarted build for patchset #3 on: https://buildkite.com/snix/snix/builds/1381","accounts_in_message":[],"_revision_number":3},{"id":"35672354234c785deb05c35ac7784e1eb91c7488","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 20:15:49.000000000","message":"Patch Set 3: Verified-1\n\nBuild of patchset 3 failed: https://buildkite.com/snix/snix/builds/1381","accounts_in_message":[],"_revision_number":3},{"id":"658dd4badafa4be2ef7caec93bd355f63fc556f2","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-06-27 20:23:46.000000000","message":"Uploaded patch set 4.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":4},{"id":"3e8b192d5a3f6b53c01d95bf8abe5ab473e2b055","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 20:23:47.000000000","message":"Patch Set 4:\n\nStarted build for patchset #4 on: https://buildkite.com/snix/snix/builds/1382","accounts_in_message":[],"_revision_number":4},{"id":"2f90d4d0209a6608a7127941e72256c9f803a290","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-27 20:38:11.000000000","message":"Patch Set 4: Verified-1\n\nBuild of patchset 4 failed: https://buildkite.com/snix/snix/builds/1382","accounts_in_message":[],"_revision_number":4},{"id":"53aebe93ec0b584c8fbda415a6116e485e28b9b9","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-06-28 00:08:07.000000000","message":"Uploaded patch set 5.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":5},{"id":"cc235efe3edd15d906cc4a49b8bb5f5bfc89b815","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-28 00:08:08.000000000","message":"Patch Set 5:\n\nStarted build for patchset #5 on: https://buildkite.com/snix/snix/builds/1383","accounts_in_message":[],"_revision_number":5},{"id":"fbfa9db9ed10f17678bd0cb5be8a253ea54b6bc7","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-06-28 00:20:50.000000000","message":"Patch Set 5: Verified-1\n\nBuild of patchset 5 failed: https://buildkite.com/snix/snix/builds/1383","accounts_in_message":[],"_revision_number":5},{"id":"39830dd9e73514c0dbab92791313541dbeeb6600","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2025-06-28 20:31:55.000000000","message":"Patch Set 5:\n\n(3 comments)","accounts_in_message":[],"_revision_number":5},{"id":"7428cd3ec98dc5192a5da0c5abc2a713256ce7f7","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2025-06-28 20:33:04.000000000","message":"Patch Set 5:\n\n(1 comment)","accounts_in_message":[],"_revision_number":5},{"id":"17bc84fabf10bd6c886dc2474f772671b357f53a","tag":"autogenerated:gerrit:code-owners:addReviewer","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2025-06-30 10:16:23.000000000","message":"\u003cGERRIT_ACCOUNT_1000004\u003e, who was added as reviewer owns the following files:\n* `snix/Cargo.lock`\n* `snix/Cargo.nix`\n* `snix/build/Cargo.toml`\n* `snix/build/build.rs`\n* `snix/build/src/buildservice/from_addr.rs`\n* `snix/build/src/buildservice/oci.rs`\n* `snix/default.nix`\n","accounts_in_message":[{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"}],"_revision_number":5},{"id":"5852630c8e782eb44739201ef0cbdfcdbaf6bc3c","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-04 14:17:42.000000000","message":"Uploaded patch set 6.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":6},{"id":"910db1061d80bc7647eb307c674686fdc1c111a8","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-04 14:17:43.000000000","message":"Patch Set 6:\n\nStarted build for patchset #6 on: https://buildkite.com/snix/snix/builds/1417","accounts_in_message":[],"_revision_number":6},{"id":"d48d64224a356999b0358e444bb67f242e1072a2","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-04 14:32:59.000000000","message":"Patch Set 6:\n\n(4 comments)","accounts_in_message":[],"_revision_number":6},{"id":"ab4269d05804874b5c8b3fe71e72d84f4a6ca3d1","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-04 14:38:21.000000000","message":"Patch Set 6: Verified-1\n\nBuild of patchset 6 failed: https://buildkite.com/snix/snix/builds/1417","accounts_in_message":[],"_revision_number":6},{"id":"06bddb14722b3f639b8320bfaaf050abfa8822df","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2025-07-05 15:51:31.000000000","message":"Patch Set 6:\n\n(9 comments)","accounts_in_message":[],"_revision_number":6},{"id":"ede99920b3cc10741c35659d2f83e759ea93639f","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 19:35:18.000000000","message":"Uploaded patch set 7.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":7},{"id":"b98b387b70de9ae854bb4c83ed7d9dae7ed92b84","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 19:35:19.000000000","message":"Patch Set 7:\n\nStarted build for patchset #7 on: https://buildkite.com/snix/snix/builds/1433","accounts_in_message":[],"_revision_number":7},{"id":"dcc364b676c34316aab2d31f153d748fc29c0c43","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 19:36:18.000000000","message":"Patch Set 7:\n\n(9 comments)","accounts_in_message":[],"_revision_number":7},{"id":"89bb8ded88855d3ea9f1eee325f633b1443ce80a","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 19:48:42.000000000","message":"Uploaded patch set 8.","accounts_in_message":[],"_revision_number":8},{"id":"afce308c5fe834e1329189c9d8905dbfb144d8a9","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 19:48:43.000000000","message":"Patch Set 8:\n\nStarted build for patchset #8 on: https://buildkite.com/snix/snix/builds/1434","accounts_in_message":[],"_revision_number":8},{"id":"0453d0468e5cb444e299f61073b7747f3fa7e96f","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 20:03:48.000000000","message":"Patch Set 8: Verified-1\n\nBuild of patchset 8 failed: https://buildkite.com/snix/snix/builds/1434","accounts_in_message":[],"_revision_number":8},{"id":"3fa7097eee2ca30c9dcf44efffd600055be89266","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2025-07-07 20:19:55.000000000","message":"Patch Set 8:\n\n(6 comments)","accounts_in_message":[],"_revision_number":8},{"id":"0a7344cdb902bcd0965366bc8b100aa17429d3c7","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 22:49:41.000000000","message":"Patch Set 8:\n\n(6 comments)","accounts_in_message":[],"_revision_number":8},{"id":"64c42e970248001110de61f3d152811b5f69734c","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 22:51:20.000000000","message":"Uploaded patch set 9.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":9},{"id":"b95e7578b316aa95b8a18ecb0402ca93074ccffd","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 22:51:22.000000000","message":"Patch Set 9:\n\nStarted build for patchset #9 on: https://buildkite.com/snix/snix/builds/1435","accounts_in_message":[],"_revision_number":9},{"id":"254043d2a00f6ec5f77a86c092c76a19aa73bb90","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-07 23:00:25.000000000","message":"Uploaded patch set 10.","accounts_in_message":[],"_revision_number":10},{"id":"aa8c49b2f6b58bf25cd598d415c544e64bdf9fa0","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 23:00:26.000000000","message":"Patch Set 10:\n\nStarted build for patchset #10 on: https://buildkite.com/snix/snix/builds/1436","accounts_in_message":[],"_revision_number":10},{"id":"b6b18de214c55b94219ba961ef03b82cfdea8ed1","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-07 23:16:18.000000000","message":"Patch Set 10: Verified-1\n\nBuild of patchset 10 failed: https://buildkite.com/snix/snix/builds/1436","accounts_in_message":[],"_revision_number":10},{"id":"0e9fd478cc3ab965d2d3eb1e0ea208f225ec842c","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-08 20:32:29.000000000","message":"Uploaded patch set 11.\n\nOutdated Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND changekind:NO_CODE_CHANGE) OR changekind:NO_CHANGE\")\n","accounts_in_message":[],"_revision_number":11},{"id":"8e2ddeef3ba5e51da84ac9b30fd1ba933c1edfda","tag":"autogenerated:buildkite~trigger","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-08 20:32:31.000000000","message":"Patch Set 11:\n\nStarted build for patchset #11 on: https://buildkite.com/snix/snix/builds/1438","accounts_in_message":[],"_revision_number":11},{"id":"3e61e6aa16ef0b31266bd0ef8281bee8fcb134be","tag":"autogenerated:buildkite~result","author":{"_account_id":1000002,"name":"besadii","username":"besadii","tags":["SERVICE_USER"]},"date":"2025-07-08 20:51:31.000000000","message":"Patch Set 11: Verified-1\n\nBuild of patchset 11 failed: https://buildkite.com/snix/snix/builds/1438","accounts_in_message":[],"_revision_number":11},{"id":"3308507b314a9fd4a70fee04874be416f060ec98","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"date":"2025-07-08 21:36:37.000000000","message":"Uploaded patch set 12: New patch set was added with same tree, parent tree, and commit message as Patch Set 11.\n\nCopied Votes:\n* Verified-1 (copy condition: \"(**is:ANY** AND **changekind:NO_CODE_CHANGE**) OR **changekind:NO_CHANGE**\")\n","accounts_in_message":[],"_revision_number":12},{"id":"3f6ceb6debc24c0cf07685659c242d8c4b1457aa","tag":"autogenerated:gerrit:abandon","author":{"_account_id":1000004,"name":"Florian Klink","email":"flokli@flokli.de","username":"flokli"},"date":"2026-05-16 09:22:19.000000000","message":"Abandoned\n\nstale.","accounts_in_message":[],"_revision_number":12}],"current_revision_number":12,"current_revision":"19bced53068d3491e105116b8ffa9b5c46553990","revisions":{"02a32b48c0c74b80152f45c2a99c95794acca2c5":{"kind":"REWORK","_number":1,"created":"2025-06-27 19:51:18.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/1","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/1","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/1 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/1 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/1 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/1"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"subject":"feat(build): add embedded busybox support for sandbox shell","message":"feat(build): add embedded busybox support for sandbox shell\n\nThis adds an optional \"embedded-busybox\" feature that embeds the busybox\nbinary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-busybox feature flag in Cargo.toml\n- Embeds busybox binary at compile time when feature is enabled\n- Extracts embedded binary to temp directory at runtime\n- Falls back to SNIX_BUILD_SANDBOX_SHELL env var when feature disabled\n- Updates OCIBuildService to accept sandbox_shell via URL parameters\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"42f65064ec61f22cdda89f9bbbfcc401845f919c":{"kind":"REWORK","_number":2,"created":"2025-06-27 19:54:46.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/2","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/2","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/2 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/2 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/2 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/2"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:54:33.000000000","tz":-300},"subject":"feat(build): add embedded busybox support for sandbox shell","message":"feat(build): add embedded busybox support for sandbox shell\n\nThis adds an optional \"embedded-busybox\" feature that embeds the busybox\nbinary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-busybox feature flag in Cargo.toml\n- Embeds busybox binary at compile time when feature is enabled\n- Extracts embedded binary to temp directory at runtime\n- Falls back to SNIX_BUILD_SANDBOX_SHELL env var when feature disabled\n- Updates OCIBuildService to accept sandbox_shell via URL parameters\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"b8fe88f59aec6d235081fc88fee7521936a9c8a2":{"kind":"REWORK","_number":3,"created":"2025-06-27 20:08:55.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/3","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/3","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/3 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/3 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/3 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/3"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 20:08:41.000000000","tz":-300},"subject":"feat(build): add embedded busybox support for sandbox shell","message":"feat(build): add embedded busybox support for sandbox shell\n\nThis adds an optional \"embedded-busybox\" feature that embeds the busybox\nbinary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-busybox feature flag in Cargo.toml\n- Embeds busybox binary at compile time when feature is enabled\n- Extracts embedded binary to temp directory at runtime\n- Falls back to SNIX_BUILD_SANDBOX_SHELL env var when feature disabled\n- Updates OCIBuildService to accept sandbox_shell via URL parameters\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"7101e3a8b945c241f5eb53068e3be31cb30c51c8":{"kind":"REWORK","_number":4,"created":"2025-06-27 20:23:46.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/4","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/4","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/4 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/4 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/4 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/4"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 20:22:35.000000000","tz":-300},"subject":"feat(build): add embedded busybox support for sandbox shell","message":"feat(build): add embedded busybox support for sandbox shell\n\nThis adds an optional \"embedded-busybox\" feature that embeds the busybox\nbinary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-busybox feature flag in Cargo.toml\n- Embeds busybox binary at compile time when feature is enabled\n- Extracts embedded binary to temp directory at runtime\n- Falls back to SNIX_BUILD_SANDBOX_SHELL env var when feature disabled\n- Updates OCIBuildService to accept sandbox_shell via URL parameters\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"e78ad762aeeda972f95c6d33349cf07afee26101":{"kind":"REWORK","_number":5,"created":"2025-06-28 00:08:07.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/5","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/5","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/5 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/5 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/5 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/5"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-28 00:07:51.000000000","tz":-300},"subject":"feat(build): add embedded busybox support for sandbox shell","message":"feat(build): add embedded busybox support for sandbox shell\n\nThis adds an optional \"embedded-busybox\" feature that embeds the busybox\nbinary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-busybox feature flag in Cargo.toml\n- Embeds busybox binary at compile time when feature is enabled\n- Extracts embedded binary to temp directory at runtime\n- Falls back to SNIX_BUILD_SANDBOX_SHELL env var when feature disabled\n- Updates OCIBuildService to accept sandbox_shell via URL parameters\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"d40332de42b050cb3e14d642342958d2f7c0e778":{"kind":"REWORK","_number":6,"created":"2025-07-04 14:17:42.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/6","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/6","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/6 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/6 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/6 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/6"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-04 14:16:50.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- Requires SNIX_BUILD_SANDBOX_SHELL at compile time for all Linux builds\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time via option_env\\!()\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"385705c431cb541d16eacb1b845791c286dbdbb8":{"kind":"REWORK","_number":7,"created":"2025-07-07 19:35:18.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/7","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/7","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/7 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/7 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/7 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/7"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-07 19:34:25.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"74ee1d9b052b4aa482b5c22646a330db4c387d71":{"kind":"REWORK","_number":8,"created":"2025-07-07 19:48:42.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/8","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/8","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/8 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/8 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/8 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/8"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-07 19:48:14.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"eb97046988bb3ce383fec9b7c0231ae48da4fc5e":{"kind":"REWORK","_number":9,"created":"2025-07-07 22:51:20.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/9","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/9","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/9 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/9 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/9 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/9"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-07 22:49:55.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"5f7c5983785a90a38082456a422a927be18aebb8":{"kind":"REWORK","_number":10,"created":"2025-07-07 23:00:25.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/10","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/10","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/10 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/10 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/10 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/10"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-07 23:00:12.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"3de8f5bafe27d8d63a5c0082cd60bc5be852bb7a":{"kind":"REWORK","_number":11,"created":"2025-07-08 20:32:29.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/11","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/11","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/11 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/11 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/11 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/11"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-08 20:32:17.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"},"19bced53068d3491e105116b8ffa9b5c46553990":{"kind":"NO_CHANGE","_number":12,"created":"2025-07-08 21:36:37.000000000","uploader":{"_account_id":1000010,"name":"Domen Kožar","email":"domen@cachix.org","username":"domenkozar"},"ref":"refs/changes/83/30583/12","fetch":{"anonymous http":{"url":"https://cl.snix.dev/snix","ref":"refs/changes/83/30583/12","commands":{"Checkout":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/12 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/12 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://cl.snix.dev/snix refs/changes/83/30583/12 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://cl.snix.dev/snix refs/changes/83/30583/12"}}},"commit":{"parents":[{"commit":"abb2daa4ae2a70fcdae3e755264b74e56ab7e71d","subject":"feat(modules/monorepo-gerrit): 3.11.0 -\u003e 3.12.0"}],"author":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-06-27 19:50:53.000000000","tz":-300},"committer":{"name":"Domen Kožar","email":"domen@cachix.org","date":"2025-07-08 21:36:26.000000000","tz":-300},"subject":"feat(build): add embedded-sandbox-shell support for OCI builds","message":"feat(build): add embedded-sandbox-shell support for OCI builds\n\nThis adds an optional \"embedded-sandbox-shell\" feature that embeds the sandbox\nshell binary directly into the build at compile time. This simplifies deployment\nby removing the runtime dependency on the path specified in SNIX_BUILD_SANDBOX_SHELL.\n\nThe implementation:\n- Adds embedded-sandbox-shell feature flag in Cargo.toml\n- When feature is enabled: embeds binary contents at compile time\n- When feature is disabled: bakes the path at compile time\n- Extracts embedded binary to temp directory at runtime (when feature enabled)\n- Makes sandbox_shell configurable via URL query parameter for OCIBuildService\n- Updates OCIBuildService to accept sandbox shell path as constructor parameter\n\nThis ensures the sandbox shell is always available without runtime environment\ndependencies, whether as a baked path or embedded binary.\n\n🤖 Generated with [Claude Code](https://claude.ai/code)\n\nCo-Authored-By: Claude \u003cnoreply@anthropic.com\u003e\nChange-Id: I46e3856b7d5d8a65abd4938e713ecaece61f24cc\n"},"branch":"refs/heads/canon"}},"requirements":[],"submit_records":[],"submit_requirements":[{"name":"Verified","description":"Label \u0027Verified+1\u0027 is required","status":"UNSATISFIED","is_legacy":false,"applicability_expression_result":{"fulfilled":true,"status":"PASS"},"submittability_expression_result":{"expression":"label:Verified\u003dMAX,user\u003dnon_uploader","fulfilled":false,"status":"FAIL","passing_atoms":[],"failing_atoms":["label:Verified\u003dMAX,user\u003dnon_uploader"],"atom_explanations":{"label:Verified\u003dMAX,user\u003dnon_uploader":""}}},{"name":"Code-Review","description":"At least one maximum vote for label \u0027Code-Review\u0027 is required, minimum votes block submits","status":"UNSATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Code-Review\u003dMAX,user\u003dnon_uploader AND -label:Code-Review\u003dMIN","fulfilled":false,"status":"FAIL","passing_atoms":[],"failing_atoms":["label:Code-Review\u003dMAX,user\u003dnon_uploader","label:Code-Review\u003dMIN"],"atom_explanations":{"label:Code-Review\u003dMAX,user\u003dnon_uploader":"","label:Code-Review\u003dMIN":""}}},{"name":"No-Unresolved-Comments","description":"Changes that have unresolved comments are not submittable.","status":"NOT_APPLICABLE","is_legacy":false,"applicability_expression_result":{"fulfilled":false,"status":"FAIL"},"submittability_expression_result":{"expression":"-has:unresolved","fulfilled":true,"status":"NOT_EVALUATED","passing_atoms":[],"failing_atoms":[],"atom_explanations":{}}}]}