hi, thanks for an interesting and nicely complementary tool! (we built cargo-deny that does dependency graph linting)

tested using cackle on one of our larger projects and one problem ran into was that crates that use system libraries such as gdk-sys & pango-sys fail to build when sandboxing is enabled. But it also does not seem to be possible to disable sandboxing on non-build scripts? which I believe is needed for this so the build can use its system library, and hope could be supported.

This is the the error we run into with sandboxing enabled:

but if I add:

[pkg.pango-sys]
sandbox.kind = "Disabled"

we fail on:

$ cackle ui
Invalid config /home/repi/git/embark/ark/cackle.toml
  Sandbox config for regular package `pango-sys` isn't permitted

never mind, I was just confused and new with the tool, it is the build script that the sandboxing needs to be disabled for.

so things work the way they should

Glad you figured it out. It sounds like you're editing the configuration manually. Did you see that you can press 'f' to get automatic edits for a problem? One of the automatic edits for a failed build script should be to disable the sandbox for that build script.

yeah I did a bit of both, reading and editing the config file manually to fully understand it, and using the 'f' diff fix. And that indeed did the right thing for this problem. been working well in general!