Sign in Subscribe
docker

Docker SBX v0.28.0: Kits, File Copy, SSH Agent Forwarding

Docker SBX v0.28.0 introduces kits as a first-class feature for defining sandbox agents, adds sbx cp for file copying, enables SSH agent forwarding, and improves agent reliability across Codex, Copilot, and droid.

Docker SBX v0.28.0: Kits, File Copy, SSH Agent Forwarding

TL;DR

  • Kits are now first-class — define and ship sandbox agents and plugins with community support via sbx-kits-contrib
  • sbx cp command for host↔container file copying, plus host SSH agent forwarding for agents
  • .worktreeinclude lets you opt gitignored files into sandbox branches
  • 500-level errors now classified into specific telemetry categories instead of unknown

New

  • Kits as first-class feature — define and ship sandbox agents and plugins with community-maintained kits in sbx-kits-contrib
  • sbx cp command — copy files between host and container directly from the CLI
  • Host SSH agent forwarding — agents can now use your existing SSH keys inside sandboxes
  • .worktreeinclude support — opt specific gitignored files into worktree-backed sandbox branches
  • Copilot CLI in sandboxes — Copilot CLI now fully works within sandbox environments
  • Improved agent reliability — droid defaults to high autonomy, Codex pre-creates CODEX_HOME, docker-agent uses dedicated template
  • Better error telemetry — 500-level server errors now classified into specific categories instead of disappearing into unknown
  • Zombie process reaping — tini added as init process with fallback when missing
  • Template update checks — automatically check for updated templates on create/run
  • Improved policy UX — surface implicit deny baseline in policy ls, hint users before policy rm network

Fixed

  • Windows path handling — use forward slashes when writing paths inside the container
  • Policy scoping issue — updated kaemon-stdlib-go to fix scoping
  • Domain deduplication — dedupe domains within input in AllowNewNetworkDomains
  • HTTP request timeouts — use context deadlines instead of client timeout
  • Credential discovery gaps — closed gaps between CLI, library, and TUI paths
  • Kitty keyboard protocol — restore on TUI suspend/resume

Breaking Changes

  • Rename secret set-custom --target to --host — update any scripts using the old flag name

Update: docker pull docker/sbx:v0.28.0 or visit the release page for installation details.

Source: Docker

Read next