didericis/bot-bottle
1
0
Fork 0
Code Issues 5 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

docs: replace stale bash-first framing with Python-stdlib-first
test / unit (pull_request) Successful in 16s
Details
test / integration (pull_request) Successful in 1m32s
Details

Browse Source 
The project started life as bash scripts and got rewritten to Python
(documented in docs/research/bash-vs-python-vs-go.md). Several docs
still carried the old "bash-first" framing — misleading for anyone
reading them now (8.7k lines of Python vs. ~130 lines of bash, all
in scripts/demo*.sh).

- CLAUDE.md "What this is" + "Conventions": orchestrator is Python,
  posture is stdlib-first.
- docs/prds/0010-cred-proxy.md, docs/research/manifest-format-and-
  grouping.md: quoted CLAUDE.md's old wording — re-quote.
- docs/research/built-in-supervisor-design.md, landscape-containerized-
  claude.md, agent-sandbox-landscape.md, pipelock-assessment.md,
  network-egress-guard.md: drop "bash-first" claims about the project,
  keep accurate descriptions of external tools' bash usage.

Leaves untouched: bash code-fence syntax in examples, README's
literal `bash scripts/demo.sh` invocation (the demo IS bash),
Claude Code's "Bash tool" references, IVIJL/devbox bash description
(that project actually is bash), and the bash-vs-python-vs-go
research note that records the rewrite decision.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
didericis
2026-05-25 06:32:42 -04:00
parent 37ab6659a9
commit 5e8ca21669
8 changed files with 23 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/research/network-egress-guard.md
+7 -5
View File
@@ -369,7 +369,8 @@ services:
- ALL
```
In a bash-first project without Docker Compose, the equivalent is:
In a project without Docker Compose, the equivalent (shell or Python orchestrator
shelling out to `docker`) is:
```bash
# create isolated network
@@ -712,10 +713,11 @@ updates ipset without a container restart.
### Tier 1 (v1, implement first): in-container iptables + ipset + dnsmasq
Adopt approach 2a with the dnsmasq complement from IVIJL/devbox. This is the
pattern validated by Anthropic's own devcontainer, is bash-first, adds no new
runtime dependencies (iptables and ipset are standard in the base Debian/Ubuntu
image used by Claude Code; dnsmasq is a single `apt-get install`), and works
on both macOS Docker Desktop and Linux Docker Engine.
pattern validated by Anthropic's own devcontainer, configures cleanly from
plain shell + standard system packages, adds no new runtime dependencies
(iptables and ipset are standard in the base Debian/Ubuntu image used by
Claude Code; dnsmasq is a single `apt-get install`), and works on both
macOS Docker Desktop and Linux Docker Engine.
Key PRD scope for this work: