coder · ammario · Sep 11, 2025 · Sep 11, 2025 · Sep 11, 2025 · Sep 11, 2025
diff --git a/.claude/commands/ci.md b/.claude/commands/ci.md
@@ -2,6 +2,8 @@ Commit working changes and push them to CI
 
 Run `cargo clippy -- -D warning` before pushing changes.
 
+Also fetch the latest version of the base branch and merge it into the current branch.
+
 Enter loop where you wait for CI to complete, resolve issues,
 and return to user once CI is green or a major decision is needed
 to resolve it.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -36,7 +36,7 @@ jobs:
         run: cargo build --verbose
 
       - name: Run unit tests
-        run: cargo nextest run --profile ci --bins --verbose
+        run: cargo nextest run --profile ci --lib --verbose
 
       - name: Run smoke tests
         run: cargo nextest run --profile ci --test smoke_test --verbose
@@ -108,7 +108,7 @@ jobs:
       - name: Run unit tests
         run: |
           source ~/.cargo/env
-          cargo nextest run --profile ci --bins --verbose
+          cargo nextest run --profile ci --lib --verbose
 
       - name: Run smoke tests
         run: |

diff --git a/CLAUDE.md b/CLAUDE.md
@@ -55,3 +55,17 @@ After modifying code, run `cargo fmt` to ensure consistent formatting before com
 ## Logging
 
 In regular operation of the CLI-only jail (non-server mode), info and warn logs are not permitted as they would interfere with the underlying process output. Only use debug level logs for normal operation and error logs for actual errors. The server mode (`--server`) may use info/warn logs as appropriate since it has no underlying process.
+
+## CI Debugging
+
+The Linux CI tests run on a self-hosted runner (`ci-1`) in GCP. Only Coder employees can directly SSH into this instance for debugging.
+
+To debug CI failures on Linux:
+```bash
+gcloud --quiet compute ssh root@ci-1 --zone us-central1-f --project httpjail
+```
+
+The CI workspace is located at `/home/ci/actions-runner/_work/httpjail/httpjail`. Tests run as the `ci` user, not root. When building manually:
+```bash
+su - ci -c 'cd /home/ci/actions-runner/_work/httpjail/httpjail && cargo test'
+```
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -15,7 +15,6 @@ isolated-cleanup-tests = []
 [dependencies]
 async-trait = "0.1"
 clap = { version = "4.5", features = ["derive"] }
-regex = "1.10"
 tokio = { version = "1.35", features = ["full"] }
 hyper = { version = "1.7", features = ["full"] }
 hyper-util = { version = "0.1", features = ["full"] }
@@ -38,6 +37,7 @@ camino = "1.1.11"
 filetime = "0.2"
 ctrlc = "3.4"
 url = "2.5"
+v8 = "129"
 
 [target.'cfg(target_os = "macos")'.dependencies]
 nix = { version = "0.27", features = ["user"] }