Skip to content

[Work-in-progress] Code Provider API with E2B #2711

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 7 commits into
base: main
Choose a base branch
from
+13,420 −489
Draft

[Work-in-progress] Code Provider API with E2B #2711

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
a7e1d22
moving coderouter to onlook and minimal cleanup
Aug 20, 2025
e016242
Merge branch 'main' into code-provider-api
Aug 20, 2025
6b6b3fa
committing file watcher code
Aug 27, 2025
6139f12
implementing terminal
Sep 7, 2025
31467ff
addressing ai comments, bit of polish, refactoring watch to use sse, …
Sep 8, 2025
565422c
codesandbox watch
Sep 19, 2025
6a37bea
Merge branch 'main' into code-provider-api
Sep 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 22 additions & 20 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,31 +69,32 @@ builders.
## What you can do with Onlook:

- [x] Create Next.js app in seconds
- [x] Start from text or image
- [ ] Use prebuilt templates
- [ ] Import from Figma
- [ ] Start from GitHub repo
- [x] Start from text or image
- [ ] Use prebuilt templates
- [ ] Import from Figma
- [ ] Start from GitHub repo
Comment on lines +72 to +75
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Fix nested list indentation and a split bullet to satisfy markdownlint (MD007) and readability

The nested checklist items are indented with 4 spaces; your repo’s lint expects 2. Also, the “Detect and use Components” bullet is split across two lines, breaking the markdown structure.

Apply the following diffs:

-    - [x] Start from text or image
-    - [ ] Use prebuilt templates
-    - [ ] Import from Figma
-    - [ ] Start from GitHub repo
+  - [x] Start from text or image
+  - [ ] Use prebuilt templates
+  - [ ] Import from Figma
+  - [ ] Start from GitHub repo
-    - [x] Use Figma-like UI
-    - [x] Preview your app in real-time
-    - [x] Manage brand assets and tokens
-    - [x] Create and navigate to Pages
-    - [x] Browse layers
-    - [x] Manage project Images
-    - [ ] Detect and use Components – _Previously in
-          [Onlook Desktop](https://github.com/onlook-dev/desktop)_
+  - [x] Use Figma-like UI
+  - [x] Preview your app in real-time
+  - [x] Manage brand assets and tokens
+  - [x] Create and navigate to Pages
+  - [x] Browse layers
+  - [x] Manage project Images
+  - [ ] Detect and use Components – _Previously in [Onlook Desktop](https://github.com/onlook-dev/desktop)_
-    - [x] Real-time code editor
-    - [x] Save and restore from checkpoints
-    - [x] Run commands via CLI
-    - [x] Connect with app marketplace
+  - [x] Real-time code editor
+  - [x] Save and restore from checkpoints
+  - [x] Run commands via CLI
+  - [x] Connect with app marketplace
-    - [x] Generate sharable links
-    - [x] Link your custom domain
+  - [x] Generate shareable links
+  - [x] Link your custom domain
-    - [ ] Real-time editing
-    - [ ] Leave comments
+  - [ ] Real-time editing
+  - [ ] Leave comments

Also applies to: 77-85, 87-90, 93-97

🧰 Tools
🪛 LanguageTool

[grammar] ~72-~72: There might be a mistake here.
Context: ...conds - [x] Start from text or image - [ ] Use prebuilt templates - [ ] Imp...

(QB_NEW_EN)

[grammar] ~73-~73: There might be a mistake here.
Context: ...r image - [ ] Use prebuilt templates - [ ] Import from Figma - [ ] Start fr...

(QB_NEW_EN)

[grammar] ~74-~74: There might be a mistake here.
Context: ...lt templates - [ ] Import from Figma - [ ] Start from GitHub repo - [x] Visuall...

(QB_NEW_EN)

[grammar] ~75-~75: There might be a mistake here.
Context: ...m Figma - [ ] Start from GitHub repo - [x] Visually edit your app - [x] Use...

(QB_NEW_EN)

🪛 markdownlint-cli2 (0.17.2)

72-72: Unordered list indentation
Expected: 2; Actual: 4

(MD007, ul-indent)

73-73: Unordered list indentation
Expected: 2; Actual: 4

(MD007, ul-indent)

74-74: Unordered list indentation
Expected: 2; Actual: 4

(MD007, ul-indent)

75-75: Unordered list indentation
Expected: 2; Actual: 4

(MD007, ul-indent)

🤖 Prompt for AI Agents 
In README.md around lines 72-75 (and also apply same changes to ranges 77-85,
87-90, 93-97), the nested checklist items are indented with 4 spaces and one
checklist bullet ("Detect and use Components") is split across two lines; change
nested list indentation to 2 spaces to satisfy MD007 and merge the split bullet
into a single line so each checklist item is a single continuous line; ensure
all nested checklist lines in the listed ranges use 2-space indentation and no
checklist text is broken across multiple lines.

- [x] Visually edit your app
- [x] Use Figma-like UI
- [x] Preview your app in real-time
- [x] Manage brand assets and tokens
- [x] Create and navigate to Pages
- [x] Browse layers
- [x] Manage project Images
- [ ] Detect and use Components – _Previously in
[Onlook Desktop](https://github.com/onlook-dev/desktop)_
- [x] Use Figma-like UI
- [x] Preview your app in real-time
- [x] Manage brand assets and tokens
- [x] Create and navigate to Pages
- [x] Browse layers
- [x] Manage project Images
- [ ] Detect and use Components – _Previously in
[Onlook Desktop](https://github.com/onlook-dev/desktop)_
- [x] Development Tools
- [x] Real-time code editor
- [x] Save and restore from checkpoints
- [x] Run commands via CLI
- [x] Connect with app marketplace

- [x] Real-time code editor
- [x] Save and restore from checkpoints
- [x] Run commands via CLI
- [x] Connect with app marketplace

- [x] Deploy your app in seconds
- [x] Generate sharable links
- [x] Link your custom domain
- [x] Generate sharable links
- [x] Link your custom domain
- [ ] Collaborate with your team
- [ ] Real-time editing
- [ ] Leave comments
- [ ] Real-time editing
- [ ] Leave comments

![Onlook-GitHub-Example](https://github.com/user-attachments/assets/642de37a-72cc-4056-8eb7-8eb42714cdc4)

Expand Down Expand Up @@ -182,6 +183,7 @@ For a full walkthrough, check out our
#### Sandbox and hosting

- [CodeSandboxSDK](https://codesandbox.io/docs/sdk) - Dev sandbox
- [E2B](https://e2b.dev/docs) - Dev sandbox
- [Freestyle](https://www.freestyle.sh/) - Hosting

#### Runtime
Expand Down
2 changes: 2 additions & 0 deletions apps/backend/supabase/config.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ max_rows = 100
[auth]
site_url = "https://onlook.com"
additional_redirect_urls = [
"https://onlook.internal",
"https://onlook.internal/auth/callback",
"http://localhost:3000",
"http://localhost:3000/auth/callback",
]
Expand Down
11 changes: 11 additions & 0 deletions apps/coderouter/.env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# Prefix the API paths
URL_PATH_PREFIX="/coderouter"

# Do not share this secret key - used to generate JWT token used in the client
JWT_SECRET_KEY="Replace this with your own secret"

# Insert your custom API key here and store in your other backend as well.
# It'll be used for server-to-server authentication.
CODEROUTER_API_KEY=""

E2B_API_KEY="Get your API key at https://e2b.dev"
2 changes: 2 additions & 0 deletions apps/coderouter/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
node_modules
.env
14 changes: 14 additions & 0 deletions apps/coderouter/Dockerfile.dev
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
FROM alpine:3.21.3

WORKDIR /app

COPY . .

# ENV CARGO_HOME=/project/etc/cargo
# ENV RUSTUP_HOME=/project/etc/rustup
ENV BUN_INSTALL=/usr/local/bin/bun

RUN apk add curl bash build-base
RUN curl -fsSL https://bun.sh/install | bash -s "bun-v1.2.5"

CMD ["/usr/local/bin/bun/bin/bun", "dev"]
46 changes: 46 additions & 0 deletions apps/coderouter/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
# Bun + TypeScript API Starter (Hono + Drizzle)

A batteries-included starter for building an API with **Bun**, **TypeScript**, **Hono**, and **Drizzle ORM**.
It includes: multi-database support (Postgres/MySQL/SQLite) with migrations, unit + functional tests,
OpenAPI generation, Swagger UI, TypeDoc, and a top-tier GitHub toolchain (Actions, Codecov, Renovate, Biome, Dependabot, GitHub Pages).

## Quickstart

```bash
bun install
cp .env.example .env
# choose a DB (sqlite by default)
bun db:generate # generate SQL from schema
bun db:migrate # run migrations
bun dev # start the API on http://localhost:3000
```

OpenAPI: http://localhost:3000/openapi.json
Docs (Swagger UI): http://localhost:3000/docs

### Scripts
- `bun dev` — run in watch mode
- `bun start` — production start
- `bun test` — run all tests with coverage
- `bun lint` — Biome lint/format check
- `bun fmt` — format files with Biome
- `bun db:generate` — generate migrations via drizzle-kit
- `bun db:migrate` — apply migrations
- `bun openapi` — regenerate OpenAPI JSON
- `bun docs` — build TypeDoc to `site/typedoc`

### Multi-DB
Set `DRIZZLE_DB` to `postgres` | `mysql` | `sqlite` and provide `DATABASE_URL` accordingly.
SQLite works out-of-the-box (`DATABASE_URL=file:./dev.sqlite`).

### GitHub Pages (Docs)
The `pages.yml` workflow builds and deploys:
- `/openapi.json` -> `/site/api/openapi.json`
- Swagger UI -> `/site/api/`
- TypeDoc -> `/site/typedoc/`
A small `site/index.html` links to both.

Enable Pages in **Settings → Pages** (source: GitHub Actions).

## License
MIT
5 changes: 5 additions & 0 deletions apps/coderouter/biome.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"$schema": "https://biomejs.dev/schemas/2.1.4/schema.json",
"formatter": { "enabled": true, "formatWithErrors": true },
"linter": { "enabled": true }
}
2 changes: 2 additions & 0 deletions apps/coderouter/bunfig.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[install]
exact = false
6 changes: 6 additions & 0 deletions apps/coderouter/codecov.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
coverage:
status:
project:
default:
target: 60%
threshold: 5%
15 changes: 15 additions & 0 deletions apps/coderouter/drizzle.config.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
import "dotenv/config";

export default {
out: "./drizzle",
schema: "./src/db/schema.ts",
dialect:
process.env.DRIZZLE_DB === "postgres"
? "postgresql"
: process.env.DRIZZLE_DB === "mysql"
? "mysql"
: "sqlite",
dbCredentials: {
connectionString: process.env.DATABASE_URL,
},
};
Comment on lines +1 to +15
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

drizzle-kit config uses the wrong credential key; use url (not connectionString) and add typing

drizzle-kit expects dbCredentials.url. Using connectionString will break migrations. Adding typing guards against config drift.

 import "dotenv/config";
+import type { Config } from "drizzle-kit";

-export default {
+export default {
 	out: "./drizzle",
 	schema: "./src/db/schema.ts",
 	dialect:
 		process.env.DRIZZLE_DB === "postgres"
 			? "postgresql"
 			: process.env.DRIZZLE_DB === "mysql"
 				? "mysql"
 				: "sqlite",
 	dbCredentials: {
-		connectionString: process.env.DATABASE_URL,
+		url: process.env.DATABASE_URL!,
 	},
-};
+} satisfies Config;
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
import "dotenv/config";
export default {
out: "./drizzle",
schema: "./src/db/schema.ts",
dialect:
process.env.DRIZZLE_DB === "postgres"
? "postgresql"
: process.env.DRIZZLE_DB === "mysql"
? "mysql"
: "sqlite",
dbCredentials: {
connectionString: process.env.DATABASE_URL,
},
};
import "dotenv/config";
import type { Config } from "drizzle-kit";
export default {
out: "./drizzle",
schema: "./src/db/schema.ts",
dialect:
process.env.DRIZZLE_DB === "postgres"
? "postgresql"
: process.env.DRIZZLE_DB === "mysql"
? "mysql"
: "sqlite",
dbCredentials: {
url: process.env.DATABASE_URL!,
},
} satisfies Config;

38 changes: 38 additions & 0 deletions apps/coderouter/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
{
"name": "coderouter",
"version": "0.0.1",
"private": false,
"type": "module",
"scripts": {
"dev": "bun run --hot src/server.ts",
"start": "bun run src/server.ts",
"test": "bun test --coverage",
"lint": "biome check .",
"fmt": "biome format --write .",
"db:generate": "drizzle-kit generate",
"db:migrate": "bun run scripts/migrate.ts"
},
"dependencies": {
"@e2b/code-interpreter": "1.5.1",
"@hono/zod-openapi": "^1.1.0",
"@hono/zod-validator": "^0.2.1",
"@types/jsonwebtoken": "^9.0.10",
"better-sqlite3": "^9.4.3",
"dotenv": "^16.4.5",
"drizzle-kit": "^0.27.0",
"drizzle-orm": "^0.33.0",
"hono": "^4.9.2",
"jsonwebtoken": "^9.0.2",
"mysql2": "^3.9.7",
"pg": "^8.11.5",
"zod": "^4.0.17"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Verify zod v4 compatibility with @hono/zod-openapi v1.1.0

There have been breaking changes in Zod v4; many libraries still target Zod v3. Confirm compatibility to avoid subtle type/runtime issues. If incompatible, pin Zod to ^3.23.x or upgrade @hono/zod-openapi accordingly.

🌐 Web query:

Does @hono/zod-openapi version 1.1.0 support Zod v4, or does it require Zod v3?

💡 Result:

Short answer: It still expects Zod v3 — @hono/zod-openapi v1.1.0 does not (yet) support Zod v4.

Evidence:

  • The repo issue opened to request Zod v4 support (shows the package wasn't updated for v4 as of May 27, 2025). (github.com)
  • The published package (v1.1.0) README/npm listing continues to show the older zod-openapi usage pattern (no mention of zod/v4 support). (npmjs.com)

If you want, I can:

  • fetch the v1.1.0 package.json/peerDependencies to confirm exactly which zod range it declares, or
  • suggest workarounds (use zod v3, or switch to hono-openapi / other tooling that supports zod v4). Which would you prefer?

Citations:

Fix Zod compatibility and pin Bun engine

Your current setup uses Zod v4 alongside @hono/zod-openapi v1.1.0, which still expects Zod v3. To prevent runtime/type errors, you must downgrade Zod to the peer range declared by @hono/zod-openapi (v3.x) or upgrade to a middleware version that supports Zod v4 once available. Also, declaring an engines field for Bun will lock the runtime version for consistent environments.

• apps/coderouter/package.json:

  "dependencies": {
-   "zod": "^4.0.17",
+   "zod": "^3.23.0",
    // …other deps…
  },
  "scripts": {
    "dev": "bun run --hot src/server.ts",
    "start": "bun run src/server.ts",
    "db:migrate": "bun run scripts/migrate.ts"
  },
+ "engines": {
+   "bun": ">=1.1.0"
+ }

References:

  1. Issue requesting Zod v4 support in @hono/zod-openapi v1.1.0: [@hono/zod-openapi] Supports Zod v4 honojs/middleware#1177
  2. @hono/zod-openapi v1.1.0 npm listing (no Zod v4 peer): https://www.npmjs.com/package/%40hono/zod-openapi?activeTab=versions
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"zod": "^4.0.17"
"dependencies": {
"zod": "^3.23.0",
// …other deps…
},
"scripts": {
"dev": "bun run --hot src/server.ts",
"start": "bun run src/server.ts",
"db:migrate": "bun run scripts/migrate.ts"
},
"engines": {
"bun": ">=1.1.0"
}
🤖 Prompt for AI Agents 
In apps/coderouter/package.json around line 28, Zod is declared as "^4.0.17"
while @hono/zod-openapi v1.1.0 expects Zod v3.x, causing incompatibility; update
package.json to use a Zod v3 peer (e.g., "zod": "^3.0.0") or upgrade
@hono/zod-openapi to a version that officially supports Zod v4, and add an
"engines" field to pin Bun (e.g., "engines": { "bun": ">=1.0.0 <2.0.0" } or your
target Bun version) to ensure consistent runtime; after changing, run install
and verify types/tests.

},
"devDependencies": {
"@biomejs/biome": "^2.1.4",
"@types/node": "^22.5.0",
"bun-types": "^1.2.20",
"supertest": "^7.0.0",
"typedoc": "^0.26.6",
"undici": "^6.19.8"
}
}
5 changes: 5 additions & 0 deletions apps/coderouter/renovate.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["config:recommended"],
"automerge": false
}
9 changes: 9 additions & 0 deletions apps/coderouter/scripts/migrate.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
import "dotenv/config";
import { execSync } from "node:child_process";

try {
execSync("bun x drizzle-kit migrate", { stdio: "inherit" });
} catch (e) {
console.error("Migration failed", e);
process.exit(1);
}
14 changes: 14 additions & 0 deletions apps/coderouter/site/index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
<!doctype html>
<html>
<head>
<meta charset="utf-8" />
<title>Project Docs</title>
</head>
<body>
<h1>Project Documentation</h1>
<ul>
<li><a href="./api/">API (Swagger UI)</a></li>
<li><a href="./typedoc/">TypeDoc</a></li>
</ul>
</body>
</html>
Empty file added apps/coderouter/src/api/auth/sign/index.test.ts
View file
Open in desktop
Empty file.
81 changes: 81 additions & 0 deletions apps/coderouter/src/api/auth/sign/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
import { LocalHono } from "@/server";
import { encodeJwtToken, verifyApiKeyFromHeader } from "@/util/auth";
import { createRoute, z } from "@hono/zod-openapi";
import { env } from "bun";

export interface AuthSignInput {
sandboxId?: string;
userId?: string;
}

const BodySchema: z.ZodType<AuthSignInput> = z.object({
sandboxId: z.string().optional().openapi({
description:
"The ID of the sandbox. This is your own ID. It can be a UUID or any unique string. Required when using a sandbox.",
example: "00000000-0000-0000-0000-000000000000",
}),
userId: z.string().optional().openapi({
description:
"The ID of the user. This is your own ID. It can be a UUID or any unique string.",
example: "00000000-0000-0000-0000-000000000000",
}),
});

const ResponseSchema = z.object({
jwt: z.string().openapi({
description: `The JWT token to send when interacting with the API as header "X-Auth-Jwt.".`,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix typo in JWT header description.

The description mentions "X-Auth-Jwt." with an extra period at the end.

-    description: `The JWT token to send when interacting with the API as header "X-Auth-Jwt.".`,
+    description: `The JWT token to send when interacting with the API as header "X-Auth-Jwt".`,

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents 
In apps/coderouter/src/api/auth/sign/index.ts around line 26, the description
string contains a typo: the header name is written as "X-Auth-Jwt." with an
extra period inside the quotes; remove the trailing period so the header reads
"X-Auth-Jwt" (i.e., update the description text to `The JWT token to send when
interacting with the API as header "X-Auth-Jwt".`).

}),
});

const route = createRoute({
method: "post",
path: env.URL_PATH_PREFIX + "/api/auth/sign",
security: [{ apikey: [] }],
request: {
body: {
content: {
"application/json": {
schema: BodySchema,
},
},
},
},
responses: {
200: {
content: {
"application/json": {
schema: ResponseSchema,
},
},
description:
"Create a new sandbox. If the sandbox already exists, the system will resume the sandbox.",
},
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Incorrect OpenAPI description for the auth/sign endpoint.

The response description refers to creating/resuming a sandbox, but this endpoint only issues JWT tokens for authentication.

-      description:
-        "Create a new sandbox. If the sandbox already exists, the system will resume the sandbox.",
+      description:
+        "Issue a JWT token for API authentication.",
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
description:
"Create a new sandbox. If the sandbox already exists, the system will resume the sandbox.",
},
description:
"Issue a JWT token for API authentication.",
},
🤖 Prompt for AI Agents 
In apps/coderouter/src/api/auth/sign/index.ts around lines 50 to 52, the OpenAPI
response description wrongly mentions creating/resuming a sandbox; replace that
description with an accurate one stating that the endpoint issues/returns a JWT
access token (or authentication token) for the authenticated user, and ensure
the wording matches any response schema (e.g., "Returns a JWT access token for
authentication") so docs reflect the endpoint's true behavior.

401: {
content: {
"application/json": {
schema: z.object({ error: z.string() }),
},
},
description: "The API key is invalid.",
},
},
});

export function api_auth_sign(app: LocalHono) {
app.openapi(route, async (c) => {
if (!verifyApiKeyFromHeader(c.req.header("Authorization"))) {
return c.json({ error: "Unauthorized" }, 401);
}
const body = await c.req.valid("json");
const jwt = encodeJwtToken({
sandboxId: body.sandboxId,
userId: body.userId,
});
return c.json(
{
jwt,
},
200
);
});
}
18 changes: 18 additions & 0 deletions apps/coderouter/src/api/sandbox/create/index.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
import { describe, expect, it } from 'bun:test';
import { Hono } from 'hono';
import { api_sandbox_create } from './index';
Comment on lines +2 to +3
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Test uses Hono without OpenAPI support; app.openapi won’t exist → route won’t mount

The route implementation registers via app.openapi(...). Using Hono here will throw at runtime. Use OpenAPIHono and provide the required context vars (client, auth) via middleware.

Apply this diff to convert the test to a working harness with stubs and correct assertions:

-import { describe, expect, it } from 'bun:test';
-import { Hono } from 'hono';
-import { api_sandbox_create } from './index';
+import { describe, expect, it } from 'bun:test';
+import { OpenAPIHono } from '@hono/zod-openapi';
+import { api_sandbox_create } from './index';

 describe('sandbox create endpoints', () => {
-    it('POST /coderouter/api/sandbox/create returns empty object', async () => {
-        const app = new Hono();
-        api_sandbox_create(app);
-
-        const response = await app.request(env.URL_PATH_PREFIX + '/api/sandbox/create', {
-            method: 'POST',
-        });
-
-        expect(response.status).toBe(201);
-        const body = await response.json();
-        expect(body).toEqual({});
-    });
+    it('POST /coderouter/api/sandbox/create returns id', async () => {
+        const app = new OpenAPIHono();
+        // Provide required context for the handler
+        app.use('*', async (c, next) => {
+            c.set('client', {
+                sandbox: {
+                    get: async () => ({}),
+                    resume: async () => ({}),
+                    create: async () => ({}),
+                },
+            });
+            c.set('auth', { sandboxId: 'test-sandbox' });
+            await next();
+        });
+        api_sandbox_create(app);
+
+        const response = await app.request('/coderouter/api/sandbox/create', {
+            method: 'POST',
+            headers: { 'content-type': 'application/json' },
+            body: JSON.stringify({}),
+        });
+
+        expect(response.status).toBe(200);
+        const body = await response.json();
+        expect(body).toEqual({ id: 'test-sandbox' });
+    });
 });

Also applies to: 7-9

🤖 Prompt for AI Agents 
In apps/coderouter/src/api/sandbox/create/index.test.ts around lines 2-9, the
test instantiates Hono which lacks OpenAPI support so app.openapi(...) in the
route will fail; replace Hono with OpenAPIHono from the same library, add
middleware to inject the required context variables (stub `client` and `auth`)
before mounting api_sandbox_create, and ensure the test mounts the route against
the OpenAPIHono app and calls the correct path; update assertions to expect the
stubbed behavior (e.g., status and response body) and remove any direct
assumptions that rely on Hono-only behavior.


describe('sandbox create endpoints', () => {
it('POST /coderouter/api/sandbox/create returns empty object', async () => {
const app = new Hono();
api_sandbox_create(app);

const response = await app.request(env.URL_PATH_PREFIX + '/api/sandbox/create', {
method: 'POST',
});
Comment on lines +10 to +12
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

env is undefined in this test context

env.URL_PATH_PREFIX isn’t imported or defined. Either import the same env used by the router or inline the prefix literal. The diff above inlines '/coderouter' to de-risk config coupling.

🤖 Prompt for AI Agents 
In apps/coderouter/src/api/sandbox/create/index.test.ts around lines 10–12, the
test references env.URL_PATH_PREFIX but env is not defined; replace
env.URL_PATH_PREFIX with the literal '/coderouter' or import the same env module
used by the router. Update the test to either (a) add the appropriate import for
env from its module and use env.URL_PATH_PREFIX, or (b) inline the path prefix
string '/coderouter' in the request URL to remove the undefined variable.


expect(response.status).toBe(201);
const body = await response.json();
expect(body).toEqual({});
Comment on lines +14 to +16
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Status code and response shape mismatch with implementation

Implementation returns 200 with { id: string }, not 201 with {}. The proposed diff aligns the test to the current contract.

To confirm the current response contract across the codebase, run:

🏁 Script executed:

#!/bin/bash
# Inspect sandbox create handler for status and body shape
rg -n -C2 --type=ts "api_sandbox_create|sandboxId|c\.json\s*\(" apps/coderouter/src

Length of output: 44302

Update sandbox create test to match implementation

The test currently expects a 201 status and an empty body, but the handler returns 200 with an { id: string } payload. Please adjust the assertions in apps/coderouter/src/api/sandbox/create/index.test.ts to:

• Expect a 200 status:

- expect(response.status).toBe(201);
+ expect(response.status).toBe(200);

• Expect the response body to contain an id string:

- expect(body).toEqual({});
+ expect(body).toEqual({ id: expect.any(String) });

Make sure the test supplies a mock auth.sandboxId in the context (e.g. via middleware or c.set("auth", { sandboxId: "test-id" })) so that c.get("auth").sandboxId is defined.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
expect(response.status).toBe(201);
const body = await response.json();
expect(body).toEqual({});
expect(response.status).toBe(200);
const body = await response.json();
expect(body).toEqual({ id: expect.any(String) });
🤖 Prompt for AI Agents 
In apps/coderouter/src/api/sandbox/create/index.test.ts around lines 14 to 16,
the test asserts a 201 status and an empty body but the handler returns 200 with
a payload { id: string }; update the assertions to expect response.status
toBe(200) and to assert that the parsed body has an id property that is a string
(e.g. expect(typeof body.id).toBe("string") or
expect(body).toHaveProperty("id")); also ensure the test sets a mock auth
context before invoking the handler (for example c.set("auth", { sandboxId:
"test-id" })) so c.get("auth").sandboxId is defined during the request.

});
});
Loading