Skip to content

fix(tools): expand ~ in allowed_paths before canonicalization#2119

Merged
bug-ops merged 2 commits intomainfrom
fix-2115-tilde-allowed-paths
Mar 22, 2026
Merged

fix(tools): expand ~ in allowed_paths before canonicalization#2119
bug-ops merged 2 commits intomainfrom
fix-2115-tilde-allowed-paths

Conversation

@bug-ops
Copy link
Copy Markdown
Owner

@bug-ops bug-ops commented Mar 22, 2026

Summary

  • FileExecutor::new now expands ~ in allowed_paths using dirs::home_dir() before canonicalization
  • Previously, tilde-prefixed paths silently blocked all file access (sandbox violation on every tool call)
  • Fix is contained entirely in FileExecutor::new — no call-site changes required

Root Cause

Path::canonicalize("~/...") returns Err because tilde is not a shell metacharacter in Rust filesystem APIs. The unwrap_or(p) fallback retained the literal ~/ path, so starts_with never matched real absolute paths.

Changes

  • crates/zeph-tools/src/file.rs: add expand_tilde() helper, apply in FileExecutor::new
  • crates/zeph-tools/Cargo.toml: add dirs workspace dep
  • 4 new unit tests: tilde_path_is_expanded, absolute_path_unchanged, tilde_only_expands_to_home, empty_allowed_paths_uses_cwd

Test Plan

  • cargo +nightly fmt --check passes
  • cargo clippy --workspace --features full -- -D warnings passes (0 warnings)
  • cargo nextest run --workspace --lib --bins passes (5919/5919)
  • New tests: tilde_path_is_expanded, absolute_path_unchanged, tilde_only_expands_to_home, empty_allowed_paths_uses_cwd

Closes #2115

@bug-ops
fix(tools): expand ~ in allowed_paths before canonicalization
a2b3080 
FileExecutor::new now resolves tilde-prefixed paths using dirs::home_dir()
before calling canonicalize(). Previously, Path::canonicalize() returned Err
for literal ~/... paths, causing unwrap_or to retain the unexpanded path and
making all sandbox checks fail with SandboxViolation.

Closes #2115
@github-actions github-actions bot added bug Something isn't working size/M Medium PR (51-200 lines) documentation Improvements or additions to documentation rust Rust code changes dependencies Dependency updates and removed size/M Medium PR (51-200 lines) labels Mar 22, 2026
@github-actions github-actions bot added the size/M Medium PR (51-200 lines) label Mar 22, 2026
@bug-ops bug-ops enabled auto-merge (squash) March 22, 2026 13:16
@bug-ops bug-ops merged commit 042d6c2 into main Mar 22, 2026
25 checks passed
@bug-ops bug-ops deleted the fix-2115-tilde-allowed-paths branch March 22, 2026 13:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug Something isn't working dependencies Dependency updates documentation Improvements or additions to documentation rust Rust code changes size/M Medium PR (51-200 lines)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix(tools): FileExecutor does not expand ~ in allowed_paths, blocking all file access

1 participant

@bug-ops