fixes to proxy on macos: prevent curl from hanging during wait-for-proxy by adding ipv6 support and timeout (#947)

packages/cli/src/utils/sandbox-macos-permissive-proxied.sb

@@ -24,7 +24,7 @@
 
 ;; deny all outbound network traffic EXCEPT through proxy on localhost:8877
 ;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox
-;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js)
+;; proxy must listen on :::8877 (see scripts/example-proxy.js)
 (deny network-outbound)
 (allow network-outbound (remote tcp "localhost:8877"))
 

packages/cli/src/utils/sandbox-macos-restrictive-proxied.sb

@@ -88,5 +88,5 @@
 
 ;; allow outbound network traffic through proxy on localhost:8877
 ;; set `GEMINI_SANDBOX_PROXY_COMMAND=<command>` to run proxy alongside sandbox
-;; proxy must listen on 0.0.0.0:8877 (see scripts/example-proxy.js)
+;; proxy must listen on :::8877 (see scripts/example-proxy.js)
 (allow network-outbound (remote tcp "localhost:8877"))

packages/cli/src/utils/sandbox.ts

@@ -339,7 +339,7 @@ export async function start_sandbox(sandbox: string) {
       });
       console.log('waiting for proxy to start ...');
       await execAsync(
-        `until curl -s http://localhost:8877; do sleep 0.25; done`,
+        `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`,
       );
     }
     // spawn child and let it inherit stdio
@@ -661,7 +661,9 @@ export async function start_sandbox(sandbox: string) {
       process.exit(1);
     });
     console.log('waiting for proxy to start ...');
-    await execAsync(`until curl -s http://localhost:8877; do sleep 0.25; done`);
+    await execAsync(
+      `until timeout 0.25 curl -s http://localhost:8877; do sleep 0.25; done`,
+    );
     // connect proxy container to sandbox network
     // (workaround for older versions of docker that don't support multiple --network args)
     await execAsync(