Skip to content

fix(gemini): guard against EACCES in workspace realpath during init#1912

Merged
piorpua merged 1 commit intomainfrom
fix/sentry-ELECTRON-BM
Mar 30, 2026
Merged

fix(gemini): guard against EACCES in workspace realpath during init#1912
piorpua merged 1 commit intomainfrom
fix/sentry-ELECTRON-BM

Conversation

@kaizhou-lab
Copy link
Copy Markdown
Collaborator

@kaizhou-lab kaizhou-lab commented Mar 30, 2026

Summary

Fixes ELECTRON-BM (60 occurrences, last seen 3 days ago on v1.9.1).

  • aioncli-core calls fs.realpath(workspace) internally without try-catch
  • The existing mkdir guard (ELECTRON-6W fix) handles ENOENT but not EACCES (permission denied)
  • Added fs.promises.realpath(path) after mkdir so the error is caught by the bootstrap chain instead of escaping as an unhandled promise rejection

Test plan

  • Added geminiWorkspaceEacces.test.ts — verifies realpath catches EACCES that mkdir alone misses
  • Existing geminiWorkspaceRecovery.test.ts still passes (no regression on ENOENT guard)
  • bunx tsc --noEmit passes
  • bun run lint:fix — 0 errors

@kaizhou-lab
fix(gemini): guard against EACCES in workspace realpath during init (…
69b65e7 
…ELECTRON-BM)

aioncli-core calls fs.realpath(workspace) internally without try-catch.
The existing mkdir guard handles ENOENT (deleted temp dirs) but not EACCES
(permission-denied dirs). Add an explicit realpath call after mkdir so the
error is caught by the bootstrap chain instead of escaping as an unhandled
promise rejection.
@kaizhou-lab kaizhou-lab marked this pull request as ready for review March 30, 2026 07:27
@piorpua piorpua added the bot:reviewing Review in progress (mutex) label Mar 30, 2026
@piorpua
Copy link
Copy Markdown
Contributor

piorpua commented Mar 30, 2026

Code Review:fix(gemini): guard against EACCES in workspace realpath during init (#1912)

变更概述

本 PR 修复 Sentry 错误 ELECTRON-BM(60 次出现,v1.9.1):aioncli-core 内部调用 fs.realpath(workspace) 时无 try-catch,当工作区目录存在权限限制(EACCES)时触发未处理的 Promise rejection。修复方案在 GeminiAgent.initialize()mkdir 调用之后新增一行 await fs.promises.realpath(path),使 EACCES 在进入 library 之前就被 bootstrap 链捕获。同时新增测试文件 geminiWorkspaceEacces.test.ts 验证该行为。

方案评估

结论:✅ 方案合理

一行预检的方式简洁有效——与现有 ENOENT 守卫模式(mkdir)保持一致,没有引入额外抽象。将第三方库无 try-catch 的 realpath 调用前置到可控边界,是修复第三方不可控代码最低侵入性的做法。返回值不使用是有意为之(只关心是否抛出),逻辑清晰。

问题清单

未发现阻塞性问题。以下为 LOW 级别观察供参考:

🔵 LOW — 测试验证的是构建块行为而非集成路径

文件tests/unit/geminiWorkspaceEacces.test.ts

说明:测试直接测试 fs.realpath 在 EACCES 场景下的行为,而非测试 GeminiAgent.initialize() 是否正确将该错误传播给调用方。这意味着若未来有人意外 .catch(() => {}) 掉该调用,测试不会失败。

是否阻塞:否。initialize() 是私有方法,依赖较多,当前测试方式是合理的工程权衡。

汇总

# 严重级别 文件 问题
1 🔵 LOW geminiWorkspaceEacces.test.ts 测试验证构建块而非完整集成路径

结论

批准合并 — 无阻塞性问题,修复精准,测试覆盖充分。

本报告由本地 pr-review skill 生成,包含完整项目上下文,无截断限制。

CONCLUSION: APPROVED
IS_CRITICAL_PATH: false
PR_NUMBER: 1912

@piorpua
Copy link
Copy Markdown
Contributor

piorpua commented Mar 30, 2026

✅ 已自动 review,无阻塞性问题,正在触发自动合并。

@piorpua piorpua merged commit 5e52722 into main Mar 30, 2026
17 checks passed
@piorpua piorpua deleted the fix/sentry-ELECTRON-BM branch March 30, 2026 09:17
@piorpua piorpua added bot:done Auto-merged by bot and removed bot:reviewing Review in progress (mutex) labels Mar 30, 2026
wuhao1477 added a commit to wuhao1477/AionUi that referenced this pull request Mar 30, 2026
@wuhao1477
Merge branch 'main' of github.com:wuhao1477/AionUi
6cd8e6f 
* 'main' of github.com:wuhao1477/AionUi: (40 commits)
  fix(agents): prevent unhandled promise rejection in bootstrap initialization (iOfficeAI#1933)
  fix(gemini): restore context after stopping a reply (iOfficeAI#1932)
  fix(codex): reject start promise immediately on process exit during startup (iOfficeAI#1929)
  fix(conversation): sync renamed titles with detail view (iOfficeAI#1927)
  fix(paste): deduplicate filenames when pasting multiple images simultaneously
  fix(mobile): add SafeArea support and update app icon (iOfficeAI#1926)
  fix(database): guard against undefined params in databaseBridge providers (iOfficeAI#1924)
  fix(conversation): validate type field before creating conversation (iOfficeAI#1921)
  fix(docs): restore wechat_group_5.png reference to wx-5.png in readme
  fix(snapshot): add maxBuffer to git add/commit exec calls (iOfficeAI#1914)
  refactor(acp): consolidate AGENT_SKILLS_DIRS into ACP_BACKENDS_ALL (iOfficeAI#1913)
  fix(gemini): guard against EACCES in workspace realpath during init (ELECTRON-BM) (iOfficeAI#1912)
  fix(channels): send raw QR ticket instead of page URL in WeChat WebUI login SSE (iOfficeAI#1910)
  .md format
  chore(pr-automation): fix missed sleep 5 in comment to sleep 10
  chore(pr-automation): increase auto-merge retry delay to 10s
  chore(pr-automation): add 5s retry for transient GitHub mergeStateStatus UNKNOWN
  fix(docs): remove trailing whitespace in OfficeCLI readmes
  chore(pr-automation): verify auto-merge success before labeling bot:done
  fix(snapshot): guard against non-existent workspace in WorkspaceSnapshotService.init (iOfficeAI#1906)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bot:done Auto-merged by bot

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kaizhou-lab @piorpua