Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

mesh-sandbox

Package Overview
Dependencies
Maintainers
2
Versions
83
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

mesh-sandbox

NHSDigital mesh sandbox, a locally testable version of the MESH api

pipPyPI
Version
1.0.50
Maintainers
2

MESH Sandbox

MESH sandbox for local testing of NHS Digital's MESH API.

Installation

Example use

pip

pip install mesh-sandbox
STORE_MODE=file MAILBOXES_DATA_DIR=/tmp/mesh uvicorn mesh_sandbox.api:app --reload --port 8700 --workers=1
curl http://localhost:8700/health

docker compose


services:

  mesh_sandbox:
    build: 
      context: https://github.com/NHSDigital/mesh-sandbox.git#refs/tags/v1.0.4
    ports:
      - "8700:443"
    deploy:
      restart_policy:
        condition: on-failure
        max_attempts: 3
    healthcheck:
      test: curl -ksf https://localhost/health || exit 1
      interval: 3s
      timeout: 10s
    environment:
      - SHARED_KEY=TestKey
      - SSL=yes
#      - STORE_MODE=file  # store mode file will persist data to disk
    volumes:
      # mount a different mailboxes.jsonl to pre created mailboxes
      - ./src/mesh_sandbox/store/data/mailboxes.jsonl:/app/mesh_sandbox/store/data/mailboxes.jsonl:ro
      - ./src/mesh_sandbox/test_plugin:/app/mesh_sandbox/plugins:ro
      # you can mount a directory if you want access the stored messages
      #      - ./messages:/tmp/mesh_store
      # you can also mount different server cert and key if using ssl and you need a trusted certificate
#      - ./mycert.pem:/tmp/server-cert.pem:ro
#      - ./mycert.key:/tmp/server-cert.key:ro

Guidance for contributors

contributing

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Research

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

By Socket Research Team  -  Feb 20, 2026
Socket Joins the OpenJS Foundation

Company News

Socket Joins the OpenJS Foundation

Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

By Sarah Gooding  -  Feb 19, 2026