0.1.0 - 2026-02-13#

Initial release.

Added#

  • Core CLI commands: alca init, alca up, alca down, alca run, alca status, alca list, alca cleanup

    cd my-project
alca init          # generate .alca.toml (interactive nix/debian template)
alca up            # start the sandbox container
alca run make build  # run a command inside the container
alca status        # show container state and config drift
alca down          # stop the container

    See Quickstart for a full walkthrough.

  • Multi-runtime support with auto-detection: Docker, OrbStack, and Podman (Linux-only)

    # Explicit selection (default: "auto")
runtime = "docker"

    See Runtimes for platform differences.

  • Configuration via .alca.toml with support for image, working directory, mounts, commands, environment variables, resource limits, and Linux capabilities

    image = "nixos/nix"
workdir = "/workspace"
workdir_exclude = [".env", "node_modules"]

mounts = ["~/.ssh:/root/.ssh:ro"]

[commands]
up = "nix-channel --update"
enter = "[ -f flake.nix ] && exec nix develop"

[envs]
EDITOR = { value = "${EDITOR}", override_on_enter = true }

[resources]
memory = "8g"
cpus = 4

    See Configuration for the full reference.

  • Config composition via extends and includes directives with three-layer merge: extends (base) → declaring file (middle) → includes (top)

    extends = [".alca.base.toml"]       # base layer, declaring file wins
includes = [".alca.local.toml"]     # top layer, included files win

    See Extends & Includes for merge semantics and priority rules.

  • Mount exclude patterns powered by Mutagen file sync, for hiding secrets and large directories from the container

    workdir_exclude = [".env", "credentials/"]

[[mounts]]
source = "."
target = "/data"
exclude = ["*.log", ".git"]

    See Config Fields for details.

  • Network isolation — zero LAN access by default, kernel-level nftables firewall on both Linux (native) and macOS (via VM helper container)

    [network]
lan-access = ["*"]  # allow all LAN access (blocked by default)

    Install the network helper on macOS:

    alca network-helper install

    See Network for platform behavior and troubleshooting.

  • Config drift detectionalca up detects changes to .alca.toml since the last container build and prompts for rebuild. Use -f to force rebuild

  • Sync conflict detection and resolution for Mutagen two-way sync, with interactive resolution flow

    alca experimental sync check     # exit 0 if clean, 1 if conflicts
alca experimental sync resolve   # interactive local/container/skip picker

    See Sync Conflicts for detection and resolution.

  • Environment variable expansion in [envs] values with ${VAR} syntax and override_on_enter for refreshing values on each shell entry

  • JSON schema (alca-config.schema.json) for editor autocomplete and validation

  • Installation via Homebrew and pre-built binaries for linux/darwin (amd64 + arm64)

    brew tap bolasblack/alcatraz https://github.com/bolasblack/alcatraz
brew install alca
Backward v0.2.2