I've had issues with the sandbox feature, both on linux (archlinux) and two macos machines (tahoe). There is an open issue[1] on the claude-code issue tracker for it.
I'm not saying it is broken for everyone, but please do verify it does work before trusting it, by instructing Claude to attempt to read from somewhere it shouldn't be allowed to.
From my side, I confirmed both bubblewrap and seatbelt to work independently, but through claude-code they don't even though claude-code reports them to be active when debugging.
James Hoffmann has a video where he tastes different instant coffee. Subjective, but could serve as inspiration for products to try of good quality (and what to stay away from):
Chezmoi has some interesting features, that go beyond simply managing dot-files in a Git-repo, that allows it too deepen in a way that makes it quite capable:
- templating for any configuration file built-in
- support for password managers
- can download and unpack an archive, or clone a repo, and refresh it e.g. once a week
- run scripts when applying config changes (either once, or every time)
- can handle config files that are externally modified
- can keep the source dotfiles encrypted on disk, and only unlock them when applying changes to the local generated files
In my usage so far Chezmoi has replaced and is now responsible for:
- Vim plugins
- ZSH plugins
- Generate SSH and GPG keys per context when a new machine is set up
- Git configuration (with per-machine and per context GPG and SSH keys)
- Install software on FreeBSD/Linux/MacOS that I need, both from source and/or package managers
- Per machine customization (e.g. differences between 4 core and 8 cores, or 1 GB of RAM vs. 48 GB RAM, etc.)
- Per OS customization (e.g. differences between ZSH on Arch vs. MacOS)
- Per host customization (e.g. different Vim configs on workstations vs. servers)
As far as setting up a new machine goes, I install chezmoi and git manually, and then I run `chezmoi init {dotfiles-repo}`, and that takes care of (almost) everything else, for MacOS, FreeBSD, Debian, and Arch Linux, each with the specific customization I need for that specific distro and host, all generated from a single source of configuration files.
Key for me is that all variations of e.g. `.zshrc` is generated from a single `dot_zshrc_tmpl` file.
Chezmoi is a tool that deepens with use, and I am finding more uses for it as I continue to use it.
When symlinks or a bare Git repo becomes unwieldy, perhaps the platform itself has a native solution (nix, home-manager) or there is something else that does all of it (ansible, dhall) and that's cool. In other cases there is Chezmoi, which was easy to learn to use.
... Except getting used to `chezmoi edit ~/.vimrc` to make changes to a config file. That is some hefty muscle memory to overcome.
Honestly, that's quite the list. From the title and even the home page, it looks like yet another dotfiles manager, but it looks like it can replace what I've gotten with half-baked scripts. Integration with password managers is great!
If you're the kind of person to use ansible or equivalent, anything user-specific is most likely a better experience in czm.
You can get away with doing stuff like package installation as well but anything more advanced on system-level and you probably want to keep/introduce configuration management for that.
I was sceptical of changing my dotfile management strategy (it's worked fine for a decade), but after trying chezmoi on a single machine, I spent an evening migrating all my machines to it as well.
I find it much easier to use direnv and set GIT_AUTHOR_EMAIL in each of ~/work/.envrc and ~/personal/.envrc No need to reconfigure every repo this way.
Just a note of caution, when this feature was added tools based on libgit2 did not understand it. I just checked now, libgit2 eventually added support (though it took 5 months since I filed the ticket). But if you're using any tools that have a 3-year-old version of libgit2 they might not understand it.
I do the same. Also remember the following keyword if you use nested .envrc files: source_up
If you don't use this in any nested envrc files, the settings don't carry over which means your git settings are not maintained. It is kind of an escape hatch as the parent files are not verified in the same way normal envrc files are, but I have found the trade off to be worth it
Nice! I was thinking of something like this recently, but decided instead to completely divorce personal and work projects. It’s nice to close the work laptop and go open the personal laptop knowing it’s impossible to cross the streams, as well as for the ritual.
I'm not entirely sure, but `:` means "true" in bash, and if I omit it, something like this happens:
$ git config alias.foo '! echo "$1";'
$ git foo bar
bar
echo "$1";: bar: command not found
Whereas if I end with `; :` then it works as expected:
$ git config alias.foo '! echo "$1"; :'
$ git foo bar
bar
It seems to execute the last argument (`bar`) as a command without the `:` at the end, and I don't have a `bar` command on my PATH so it angrily fails with exit code 127. If it instead executes `:` however, that will make it happily exit with 0.
It seems to be a Git alias quirk, but I may be incorrect here.
Huh I had no idea $1/$2/etc worked as-is in an alias. The advice I learned years ago for dealing with any alias that needs to do something custom with parameters is to write it like
git config alias.foo '!f() { actual command goes here }; f'
as that will pass all the args to the shell function. But if git is already setting it up so the args work then suffixing the alias with ";:" seems simpler.
I imagine that a minimap could help with that, or showing nearest neighbors at the edges of the viewport, and perhaps being able to alt-tab between applications as well as groups would help.
You can use space to have a visual organisation of things, but you don't have to navigate the space since it's virtual. You should be able to navigate suitable to your platform running the viewport.
Pinch-to-zoom, drag to move, two-finger tap to bring up list of applications to move to instantly on a tablet.
Keyboard based navigation and manipulation of the canvas if you prefer to not use a mouse on your workstation.
Click to drag and scroll-to-zoom to navigate with a mouse, when that is more appropriate, for example.
I'm not saying it is broken for everyone, but please do verify it does work before trusting it, by instructing Claude to attempt to read from somewhere it shouldn't be allowed to.
From my side, I confirmed both bubblewrap and seatbelt to work independently, but through claude-code they don't even though claude-code reports them to be active when debugging.
[1] https://github.com/anthropics/claude-code/issues/32226
reply