Align 0.6.0-dev schema with what the parser accepts today#451
Merged
Conversation
The dev schema is an editor-validation aid for in-development authors (docs/versioning.md), not a 1:1 mirror of parser behavior. Brought it back in sync with wxc_common::config_parser. Added fields: - network.proxy.url (third oneOf variant; parser handles it, schema dropped it between 0.5.0-alpha and 0.6.0-dev) - network.allowLocalNetwork (#422) - containment enum entries: vm, hyperlight, bubblewrap - experimental.wslc.portMappings (with required ports and tcp/udp protocol enum) - experimental.seatbelt.extraMachLookups (#437) - Containment description: note that hyperlight/bubblewrap share the common policy fields (no per-backend block) Intentionally omitted (parser accepts; schema steers authors to the canonical spelling): - containment aliases 'appcontainer' and 'macos_sandbox' — schema points at 'processcontainer' and 'seatbelt' instead - experimental.windows_sandbox.idleTimeout — legacy alias for idleTimeoutMs, same reasoning - processContainer.learningMode — debug-build-only escape hatch, silently stripped with a SECURITY log line in release; would mislead release- build authors Parser tightening for experimental.wslc.portMappings: - RawPortMapping ports are now required u16 (were Option, defaulted to 0) - wslc handler rejects port == 0 and protocol other than 'tcp'/'udp' with WxcError::ConfigParse - 5 regression tests added in config_parser::tests SDK and docs unchanged. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Aligns the in-development 0.6.0-dev JSON schema with what wxc_common::config_parser actually accepts, and tightens parsing of experimental.wslc.portMappings so invalid forwards are rejected at parse time instead of silently defaulting to port 0.
Changes:
- Schema: adds
network.proxy.urloneOf branch,network.allowLocalNetwork, containment enum entries (vm,hyperlight,bubblewrap),experimental.wslc.portMappings,experimental.seatbelt.extraMachLookups, and documents intentional aliases/omissions. - Parser: makes
RawPortMapping.windows_port/container_portrequiredu16(noDefault), and rejects port 0 or non-tcp/udpprotocol withWxcError::ConfigParse. - Tests: 5 new
wslc_port_mappings_*regression tests covering happy path, default protocol, missing port, zero port, and invalid protocol.
Show a summary per file
| File | Description |
|---|---|
schemas/dev/mxc-config.schema.0.6.0-dev.json |
Adds missing fields/enums/descriptions to bring the dev schema back in sync with parser behavior. |
src/wxc_common/src/config_parser.rs |
Tightens RawPortMapping to required ports, validates port range and protocol, and adds regression tests. |
Copilot's findings
- Files reviewed: 2/2 changed files
- Comments generated: 0
Member
Author
|
Run ADO build please |
Collaborator
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
bbonaby
approved these changes
May 28, 2026
| ], | ||
| "default": "processcontainer", | ||
| "description": "Containment value to use for execution. Accepts both abstract intents ('process', 'microvm') and concrete backends ('processcontainer', 'windows_sandbox', 'lxc', 'microvm', 'wslc', 'seatbelt', 'isolation_session', 'bubblewrap'). The native binary resolves abstract intents to a concrete backend at run time based on host capabilities. Note: 'windows_sandbox', 'wslc', 'seatbelt', 'isolation_session', and 'bubblewrap' are experimental and require the --experimental CLI flag." | ||
| "description": "Containment value to use for execution. Accepts both abstract intents ('process', 'vm') and concrete backends ('processcontainer', 'windows_sandbox', 'lxc', 'microvm', 'hyperlight', 'wslc', 'seatbelt', 'isolation_session', 'bubblewrap'). The native binary resolves abstract intents to a concrete backend at run time based on host capabilities (e.g., 'process' resolves to ProcessContainer on Windows, LXC on Linux, Seatbelt on macOS; 'vm' resolves to Windows Sandbox on Windows). Note: 'windows_sandbox', 'wslc', 'seatbelt', 'isolation_session', 'hyperlight', and 'bubblewrap' are experimental and require the --experimental CLI flag. 'hyperlight' and 'bubblewrap' have no per-backend configuration block; they share the common filesystem/network policy fields. The legacy aliases 'appcontainer' and 'macos_sandbox' are still accepted by the parser (with a deprecation log line) but are intentionally omitted from this enum so editors steer authors toward the canonical names." |
Collaborator
There was a problem hiding this comment.
question (non-blocking): I wonder if this description may be too implementation heavy, since as we add more backends it'd continue to grow.
MGudgin
pushed a commit
that referenced
this pull request
May 29, 2026
PR #451 (the merged "Align 0.6.0-dev schema with what the parser accepts today" PR — formerly this stack's branch 1) was tightened during review in three ways the previous publish commit didn't pick up. Mirroring those refinements into the stable 0.6.0-alpha schema keeps the two files consistent: 1. containment enum: drop legacy aliases 'appcontainer' and 'macos_sandbox'. The parser still accepts them (with a deprecation log line) but the schema intentionally omits them so editors steer authors toward 'processcontainer' / 'seatbelt'. The enum description is updated to call this out. 2. experimental.windows_sandbox: drop the 'idleTimeout' legacy alias. Same rationale — the parser still accepts it, but the schema only advertises the canonical 'idleTimeoutMs'. Description rewritten to mention the alias is parser-accepted but schema-omitted. 3. experimental.wslc.portMappings: tighten the item schema with `required: ["windowsPort", "containerPort"]` and `additionalProperties: false` so editors flag missing or unknown keys instead of silently accepting them. No behaviour change — the parser already enforces these shapes; this just brings the editor-validation surface in line with the merged dev schema. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📖 Description
The dev schema is an editor-validation aid for in-development authors (
docs/versioning.md), not a 1:1 mirror of parser behavior. Brought it back in sync withwxc_common::config_parser.Added fields:
network.proxy.url(third oneOf variant; parser handles it, schema dropped it between 0.5.0-alpha and 0.6.0-dev)network.allowLocalNetwork(Seatbelt: Honor allowLocalNetwork to permit inbound binds #422)containmentenum entries:vm,hyperlight,bubblewrapexperimental.wslc.portMappings(withrequiredports andtcp/udpprotocol enum)experimental.seatbelt.extraMachLookups(Seatbelt: Add extraMachLookups escape hatch for additional Mach services #437)hyperlight/bubblewrapshare the common policy fields (no per-backend block)Intentionally omitted (parser accepts; schema steers authors to the canonical spelling):
appcontainerandmacos_sandbox— schema points atprocesscontainerandseatbeltinsteadexperimental.windows_sandbox.idleTimeout— legacy alias foridleTimeoutMs, same reasoningprocessContainer.learningMode— debug-build-only escape hatch, silently stripped with a SECURITY log line in release; would mislead release-build authorsParser tightening for
experimental.wslc.portMappings:RawPortMappingports are now requiredu16(wereOption, defaulted to 0)tcp/udpwithWxcError::ConfigParseconfig_parser::testsSDK and docs unchanged.
🔗 References
Adds schema coverage for fields introduced by:
vmintent was missed in the schema)allowLocalNetwork)extraMachLookups)🔍 Validation
cargo check --manifest-path src/wxc_common/Cargo.tomlcleancargo test --manifest-path src/wxc_common/Cargo.toml config_parser— 141 passed, 0 failed (includes the 5 newwslc_port_mappings_*tests)test_configs/fixtures referenceportMappings, so the parser tightening has zero blast radius on existing test data✅ Checklist
📋 Issue Type
🤖 Generated with Claude Code
Microsoft Reviewers: Open in CodeFlow