Skip to content

Tags: jetify-com/devbox

Tags

0.17.2

Toggle 0.17.2's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Bump lastTag version to 0.17.2 (#2821)

## Summary
- Bump `lastTag` in `flake.nix` from 0.17.1 to 0.17.2
- Update `flake.lock` (nixpkgs 2026-04-14 → 2026-04-18)

## Test plan
- [x] `nix build .` succeeds
- [x] `./result/bin/devbox version` reports `0.17.2`

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>

0.17.1

Toggle 0.17.1's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Bump lastTag version to 0.17.1 (#2807)

## Summary

Bump Flake Version

## How was it tested?

`nix build`

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

0.17.1-deva

Toggle 0.17.1-deva's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Fixes #2793 - replace use of [[ conditionals (#2794)

## Summary

Fixes #2793 - use of zsh/bash conditionals in a file with a pure sh
shebang.

## How was it tested?

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).

---------

Signed-off-by: Tim Gates <tim.gates@iress.com>

0.17.1-dev

Toggle 0.17.1-dev's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Fix remaining Dependabot security alerts (#2803)

## Summary
- **Rails example**: Upgrade Rails 7.1.5 → 7.2.3, bringing rack 2.2.14 →
3.2.5 and nokogiri 1.18.9 → 1.19.2. Fixes Active Storage path traversal,
Rack directory traversal/XSS, Active Support ReDoS/DoS/XSS, Action View
XSS, and Active Storage glob injection/DoS/content type bypass.
- **Django example**: Update sqlparse 0.5.0 → 0.5.3 (DoS fix for
formatting list of tuples)
- **VS Code extension**: Add flatted yarn resolution → 3.4.2 (prototype
pollution via parse() fix)

## Test plan
- [x] Verify `go build ./...` still passes (no Go changes, but
confirmed)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: John Lago <750845+Lagoja@users.noreply.github.com>

0.17.0

Toggle 0.17.0's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
update flake (#2789)

0.17.0-deva

Toggle 0.17.0-deva's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Add pid, namespace, age, health, restarts to services ls (#2782)

## Summary

This PR adds additional output to the `devbox services ls` command to
see specifically to see the status of the readiness checks.

Without the HEALTH information in the output it's impossible to tell if
a service is still booting up or if it is fully up and running based on
the readiness check.

Before:
```
NAME                   STATUS           EXIT CODE
failed-server          Completed        -1
good-server            Launching        0
starting-server        Launching        0
```

After:
```
Services running in process-compose:
PID          NAME                   NAMESPACE        STATUS           AGE        HEALTH           RESTARTS        EXIT CODE
19996        good-server            default          Launching        5s         Ready            0               0
19995        starting-server        default          Launching        5s         Not Ready        0               0
19997        failed-server          default          Completed        2s         -                0               -1
```

## Additional consideration

This PR brings the output of `devbox services ls` closer to that of
`process-compose list -o wide`.

The output of `process-compose list -o wide` for comparison:
```
PID     NAME              NAMESPACE   STATUS      AGE   HEALTH      RESTARTS   EXITCODE
11518   failed-server     default     Completed   2s    -           0          -1
11520   good-server       default     Launching   3s    Ready       0          0
11519   starting-server   default     Launching   3s    Not Ready   0          0
```

(The only differences I see is the spacing between columns and no space
in the title EXITCODE)

## How was it tested?

With a sample process-compose.yaml file and running:
```
devbox run build
dist/devbox shell
devbox services start
devbox services ls 
```

The sample process-compose.yaml file used for testing.
```
processes:
 
  good-server:
    command: python -m http.server 8081
    is_daemon: true
    readiness_probe:
      exec:
        command: curl -f http://localhost:8081
      initial_delay_seconds: 1
      period_seconds: 1

  starting-server:
    command: python -m http.server 8082
    is_daemon: true
    readiness_probe:
      exec:
        command: curl -f http://localhost:8082/wait
      initial_delay_seconds: 1
      period_seconds: 100

  failed-server:
    command: python -m http.server 8083
    is_daemon: true
    readiness_probe:
      exec:
        command: curl -f http://localhost:8083/not_there
      initial_delay_seconds: 1
      period_seconds: 1    
```

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).

0.17.0-dev

Toggle 0.17.0-dev's commit message
0.17.0 Prerelease

0.0.0-edge.2026-02-05

Toggle 0.0.0-edge.2026-02-05's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
de-duplicate `-f <pc.yaml>` flags to avoid the issue in #2700 (#2701)

## Summary
Using the `--process-compose-file` flag to merge configurations fails
with `FTL error="project
/Users/jack/code/my-porject/process-compose.yaml is already specified in
files to load"`

See #2700 for details

## How was it tested?
Using the method described here
#2699 to build and "install"
a local devbox then:
1. Create a process-compose.yaml file
2. Create a second process-compose.extras.yaml file that overrides some
of the config defined in the main one (i.e set `is_disabled: "false"`)
3. run `devbox services up --process-compose-file
process-compose.extras.yaml` and see error message above instead of
running services

The above fails with devbox 0.16.0 but works fine with this PR.

## Notes

I'm happy with this fix but not certain this is the best place to
implement this fix, it feels like a bit of a bandaid rather than fixing
it at the source. But reading the code I couldn't find the root cause.

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).

Closes #2700

0.0.0-edge.2026-01-29

Toggle 0.0.0-edge.2026-01-29's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
Update dependencies in pytorch example (#2771)

## Summary
Update dependencies in pytorch example for compliance.

## How was it tested?
Ran poetry and created new lock file

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).

0.0.0-edge.2026-01-08

Toggle 0.0.0-edge.2026-01-08's commit message

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
[compliance] Update devbox examples with vulnerabilities (#2753)

## Summary
.Update devbox examples with vulnerabilities. Bump Django from 4.2.22 to
4.2.27 in the Django stack requirements. Update filelock from 3.18.0 to
3.20.1 in the PyTorch basic example poetry.lock file.

## How was it tested?
devbox shell

## Community Contribution License

All community contributions in this pull request are licensed to the
project
maintainers under the terms of the
[Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0).

By creating this pull request, I represent that I have the right to
license the
contributions to the project maintainers under the Apache 2 License as
stated in
the
[Community Contribution
License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license).