add Lua sandbox with timer system (milestones 1-5 complete)

sandbox-test/README.md

@@ -0,0 +1,132 @@
+# Sandbox Security Tests
+
+Automated tests for the Mosis Lua sandbox security implementation.
+
+## Prerequisites
+
+- CMake 3.22+
+- vcpkg with packages: `lua`, `nlohmann-json`
+- MSVC or compatible C++23 compiler
+
+## Build
+
+```bash
+# From sandbox-test directory
+cd D:\Dev\Mosis\MosisService\sandbox-test
+
+# Configure with vcpkg
+cmake -B build -DCMAKE_TOOLCHAIN_FILE=%VCPKG_ROOT%/scripts/buildsystems/vcpkg.cmake
+
+# Build
+cmake --build build --config Debug
+```
+
+## Run Tests
+
+### Run All Tests (Uber Command)
+
+```bash
+# Windows
+.\run_tests.bat
+
+# Or directly
+.\build\Debug\sandbox-test.exe
+```
+
+### Run Specific Test
+
+```bash
+.\build\Debug\sandbox-test.exe --test DangerousGlobals
+.\build\Debug\sandbox-test.exe --test Memory
+.\build\Debug\sandbox-test.exe --test CPU
+```
+
+### Custom Output File
+
+```bash
+.\build\Debug\sandbox-test.exe --output my_results.json
+```
+
+## Test List
+
+| Test Name | Description | Script |
+|-----------|-------------|--------|
+| `DangerousGlobalsRemoved` | Verifies os, io, debug, etc. are nil | `test_globals_removed.lua` |
+| `BytecodeRejected` | Verifies binary Lua chunks are rejected | (C++ only) |
+| `MemoryLimitEnforced` | Verifies memory allocation limit works | `test_memory_limit.lua` |
+| `CPULimitEnforced` | Verifies instruction count limit works | `test_cpu_limit.lua` |
+| `MetatableProtected` | Verifies _G and string metatable are frozen | `test_metatable_protected.lua` |
+| `SafeOperationsWork` | Verifies normal Lua operations still work | `test_safe_operations.lua` |
+| `StringDumpRemoved` | Verifies string.dump is nil | `test_string_dump_removed.lua` |
+| `MemoryTracking` | Verifies memory usage is tracked | (C++ only) |
+| `InstructionCounting` | Verifies instruction count is tracked | (C++ only) |
+| `MultipleLoads` | Verifies multiple scripts can be loaded | (C++ only) |
+| `ErrorRecovery` | Verifies sandbox recovers from errors | (C++ only) |
+
+## Output Format
+
+Tests produce a JSON report at `test_results.json`:
+
+```json
+{
+  "name": "Lua Sandbox Security Tests",
+  "timestamp": "2024-01-15T10:30:00Z",
+  "summary": {
+    "passed": 11,
+    "failed": 0,
+    "total": 11
+  },
+  "tests": [
+    {
+      "name": "DangerousGlobalsRemoved",
+      "status": "passed",
+      "duration_ms": 5
+    }
+  ]
+}
+```
+
+## Exit Codes
+
+- `0` - All tests passed
+- `1` - One or more tests failed
+
+## Adding New Tests
+
+1. Create Lua script in `scripts/` directory
+2. Add C++ test function in `main.cpp`:
+   ```cpp
+   bool Test_MyNewTest(std::string& error_msg) {
+       LuaSandbox sandbox(TestContext());
+       // ... test logic
+       return true;
+   }
+   ```
+3. Register in `main()`:
+   ```cpp
+   harness.AddTest("MyNewTest", Test_MyNewTest);
+   ```
+
+## Debugging Failed Tests
+
+1. Run specific test: `--test TestName`
+2. Check Lua script in `scripts/` for expected behavior
+3. Check `test_results.json` for error details
+4. Add print statements to Lua scripts (output goes to console)
+
+## CI Integration
+
+```bash
+# In CI script
+cd sandbox-test
+cmake -B build -DCMAKE_TOOLCHAIN_FILE=$VCPKG_ROOT/scripts/buildsystems/vcpkg.cmake
+cmake --build build --config Release
+./build/Release/sandbox-test.exe --output ci_results.json
+
+# Check exit code
+if [ $? -ne 0 ]; then
+    echo "Sandbox tests failed!"
+    cat ci_results.json
+    exit 1
+fi
+```