I will steal this to make a local-first version of <a href="https://microterm.dev" rel="nofollow">https://microterm.dev</a> for macOS :)<p>My idea is to have unified environment across all targets, so the only thing that changes is speed and amount of RAM.
What does local first mean in this context? Does it just mean local? Like, the software runs locally?
yeah, it just means everything runs on your machine. there are services like E2B, sprites.dev and others that give you sandboxes in the cloud. shuru runs VMs locally using Apple's Virtualization.framework, so nothing leaves your Mac.
Unfortunately yes. It's just another stupid marketing buzzword these days.
it's the other way around, everything is in the cloud now (upload your files to us, we are privacy respecting, bla bla)<p>So it's good that the product actually highlights it is dealing with local hardware only.
Yes, but we have a perfectly serviceable term for local software already: "local software".<p>To me, "local-first software" means something slightly different. The term was coined by this essay[1], which says:<p>> Local-first ideals include the ability to work offline and collaborate across multiple devices<p>> This means that while local-first apps keep their data in local storage on each device, it is also necessary for that data to be synchronized across all of the devices on which a user does their work.<p>But this is clearly not what's going on here. This project is just local software, like we've had forever.<p>If a fancy new "local first" buzzword makes local-only software seem more sexy, then I suppose I don't want to get too mad about it. I really like local software. But the autist in me likes it when technical terms have a well defined meaning.<p>[1]: <a href="https://www.inkandswitch.com/essay/local-first/" rel="nofollow">https://www.inkandswitch.com/essay/local-first/</a>
I don't expect "Linux MicroVMs for macOS" to have anything to do with clouds.
How does this compare to Apple container[1]?<p>I am excited by the innovation happening in the space!<p>1 - <a href="https://github.com/apple/container" rel="nofollow">https://github.com/apple/container</a>
apple container is more of a docker-style workflow, OCI images, registries, etc. shuru is just micro VMs with checkpointing, much simpler scope.
Has anyone tackled this for Windows? WSL isn’t ideal when shipping a consumer app to a non-developer target audience since it requires some setup.
The agent stack is splitting into specialized layers and sandboxing is clearly becoming its own thing. Shuru, E2B, Modal, Firecracker wrappers.<p>Earlier this month I wrote about how these layers have very different defensibility profiles and why going monolithic is the wrong call: <a href="https://philippdubach.com/posts/dont-go-monolithic-the-agent-stack-is-stratifying/" rel="nofollow">https://philippdubach.com/posts/dont-go-monolithic-the-agent...</a><p>EDIT: Spelling
Very cool. Was looking for something like this for a new project of mine. (I'm working on a project that is like a marriage of retool+OpenClaw. It's used by SME to quickly build inhouse apps)
What is the benefit of this over lima, for example?
Lima can do a lot of what shuru does if you set it up for it. the difference is mostly in defaults and how much you have to configure upfront. with shuru you get ephemeral VMs, no networking, and a clean rootfs on every run without touching a config file. shuru run and you're in. Checkpoints and branching are built into the CLI rather than being an experimental feature you have to figure out.
Lima is a much bigger and more mature project though. Shuru is something I am building partly to learn and partly because I wanted something with saner defaults for this specific use case.
Thanks for doing this. I had basically the same experience with Lima. It is very nice but the defaults are not what I want, and I don't like having to wonder whether I turned <i>off</i> the stuff that I don't want enabled. Better that everything is disabled by default and I selectively turn things on (like networking) as I need them.<p>I'm gonna give shuru a try. My main concern is being based on Alpine (seemingly the only option?) I may not be able to easily pull in the dependencies for the projects I'm working on, but I'll see how it goes.
This looks awesome. How would you recommend setting up an allowlist for external network communications (for cases where networking is enabled)?
I've noticed claude forks parallel agents on an assigned task. How would they communicate in isolated sandboxes like these?
Would it be cleaner and more effective for a harness to orchestrate swarms of agents in a single clean linux environment like OrbStack?
How does it compare to Lume. It uses Apple's native Virtualization Framework to run macOS and Linux VMs at near-native speed on Apple Silicon.
lume is a much more full featured VM manager, macOS and Linux VMs, API server, prebuilt images, python SDK etc. shuru is intentionally minimal.
Neat! I was looking for something like this
Why was using straigt containers not enough?
[dead]
[dead]
Use OrbStack. It’s faster than Virtualization.framework because it has its own hypervisor.
Not true, OrbStack uses Virtualization.framework: <a href="https://news.ycombinator.com/item?id=36189550">https://news.ycombinator.com/item?id=36189550</a>
Yes but they also use a custom linux kernel to achieve better performance than plain vz. I'm not technical enough to tell if it's bs, but it boots subsecond
I don't think they use Virtualization for most launches now
OrbStack is great but it is solving a different problem. it's a full Docker Desktop replacement. shuru is just a thin layer over Virtualization.framework for spinning up throwaway sandboxes.
OrbStack has some invasive elements inside it trying to provide filesystem integration, and the filesystem they use is not POSIX compliant and causes breakage with some build systems and other software.