fix: allow glob outside workspace#283
Conversation
🦋 Changeset detectedLatest commit: 147e33b The changes in this PR will be included in the next version bump. This PR includes changesets to release 2 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
commit: |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 67cdcd0bf9
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| workspace: this.workspace, | ||
| operation: 'search', | ||
| policy: { guardMode: 'strict', checkSensitive: false }, | ||
| policy: { guardMode: 'absolute-outside-allowed', checkSensitive: false }, |
There was a problem hiding this comment.
When this allows an absolute path outside the workspace, the existing result rendering still relativizes matches to the search root, so Glob({ path: '/extra', pattern: '*.py' }) shows test.py rather than /extra/test.py. Follow-up Read/Edit calls resolve relative paths against the workspace cwd, so the model can read or edit a same-named workspace file (or fail) instead of the outside match; outside-root glob results should remain absolute or include the root in the model-visible output.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 60efd82fab
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| const shouldRelativize = isWithinWorkspace(relBase, this.workspace, pathClass); | ||
| const displayLines = paths.map((p) => | ||
| shouldRelativize ? relativizeIfUnder(p, relBase, pathClass) : p, |
There was a problem hiding this comment.
When path is an explicit additionalDirs root such as /extra, this condition treats it as “within workspace” and still returns test.py instead of /extra/test.py; the new test even codifies that case. Because Read/Edit resolve relative paths against workspace.workspaceDir, a follow-up on the model-visible result will target /workspace/test.py rather than /extra/test.py. Fresh evidence beyond the prior outside-root comment is that isWithinWorkspace() includes additionalDirs, so the newly added guard still strips exactly these outside-working-directory roots.
Useful? React with 👍 / 👎.
1 participant
Related Issue
No linked issue; this addresses model tool calls being rejected when
Globis given an explicit absolute path outside the configured workspace roots.Problem
Globused a strict workspace path policy, so paths like/tmp/g10b-testwere rejected before the tool could run even though other file tools allow deliberate absolute paths outside the workspace. That made temporary directories and sibling repositories impossible to inspect with glob patterns.What changed
Globto use the same absolute-outside-allowed policy as the other file tools.Checklist
gen-changesetsskill, or this PR needs no changeset.gen-docsskill, or this PR needs no doc update.Verification
pnpm exec vitest run test/tools/glob.test.ts test/tools/path-guard.test.tspnpm --filter @moonshot-ai/agent-core typecheck