fix(ci): stop boundary lint false-positive on fixtures; guard escaping local deps#139
Merged
Merged
Conversation
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
|
🚅 Deployed to the secure-exec-pr-139 environment in rivet-frontend
🚅 Deployed to the secure-exec-pr-139 environment in secure-exec
|
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
added 4 commits
June 27, 2026 16:42
…g local deps - check-secure-exec-boundary now skips boundary-check *.test.mjs files, which legitimately embed forbidden import specifiers as string fixtures (this was failing main since the registry-test-runtime-boundary test landed). - add check-no-escaping-local-deps: rejects link:/file:/path: deps whose target resolves outside the repo root (catches stray local-dev overrides) while allowing in-repo links and workspace crate paths. - wire both into scripts/ci.sh; add regression tests for each.
Pre-existing rustfmt drift on main, previously masked by the boundary-lint failure that aborted ci.sh before cargo fmt ran.
…cture guards Pre-existing main failure unmasked once the fmt drift was fixed: the chokepoint lint flagged new host-side V8 diagnostics (AGENTOS_MODULE_TRACE, AGENTOS_SYNCRPC_LAT, PI_SNAPSHOT_BUNDLE_PATH) and the SECURE_EXEC_LOG startup knob. These are host-only, not guest-reachable, so allowlist them with justification per the lint's guidance.
…name #138 added Unlink/Rmdir/Rename to PythonVfsRpcMethod but left the rpc-bridge test's match non-exhaustive (E0004), breaking clippy --all-targets. This test's scenario doesn't mutate the FS, so treat those variants as unexpected.
NathanFlurry
force-pushed
the
fix/ci-boundary-fixture-and-local-dep-guard
branch
from
f5bdc92 to
a584556
Compare
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
added 2 commits
June 27, 2026 16:50
The committed patch was authored against an AsFd-based fd-lock; vendored 4.0.4 uses std::os::unix::io::AsRawFd, so the patch no longer applied and broke the WASM-command vendoring in the publish pipeline. Regenerated against the current source (generic AsOpenFile trait + real unsupported-target RwLock impls).
clippy --all-targets -D warnings flagged two 8+/7-arg test helpers.
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
#138's runner sets up a kernel-VFS-backed site-packages on boot, emitting VFS RPCs that the prewarm test's .wait() path could not service (PendingVfsRpcRequest). Drive the event loop and reject VFS RPCs so the runner's best-effort setup degrades; the execution still completes. Verified locally.
NathanFlurry
force-pushed
the
fix/ci-boundary-fixture-and-local-dep-guard
branch
from
10ff8d3 to
9f62c1c
Compare
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
The test hardcoded a 1 MiB SIDECAR_FRAME_CAP, but production validates limits with wire::DEFAULT_MAX_FRAME_BYTES (16 MiB; lib.rs/state.rs). The default fetch body cap tracks that 16 MiB, so the stale 1 MiB test cap made even the default config fail validation. Align the test constant to 16 MiB.
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
… model normalize_python_vfs_rpc_path roots at / and resolves textual ../. segments, deferring confinement to the kernel/mount layer (openat2 RESOLVE_BENEATH) per the trust model. The test still asserted the old workspace-prefix rejection; update it to expect textual resolution and rename accordingly. Only relative paths are rejected.
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
#137 added the 'reedline' feature to cmd-sh for native PTY support, but reedline pulls brush-interactive's tokio block_in_place/Handle::block_on paths, which don't compile or run on single-threaded wasm — breaking the wasm command build (masked until the fd-lock patch fix let the build reach brush). Enable reedline only on native targets; wasm keeps 'minimal' (the pre-#137 wasm-building config).
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-139
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-139
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
main:check-secure-exec-boundarywas text-scanningscripts/and flagging the@rivet-dev/agentos-coreimport specifiers embedded as string fixtures insidecheck-registry-test-runtime-boundary.test.mjs. It now skips boundary-checkscripts/check-*.test.mjsfiles (which exist to assert those imports are rejected).check-no-escaping-local-deps: rejectslink:/file:/path:dependencies whose target resolves outside the repo root (catches stray local-dev overrides left in a manifest), while allowing in-repo links, fixtures, and workspace crate paths.scripts/ci.shand adds a regression test for each.