Skip to content

Fix sandbox tests in CI mode#11

Closed
soodoku wants to merge 1 commit intoclaude/add-code-sandboxing-018YT8W7GWG2yyi4JKSvpQASfrom
claude/fix-sandbox-tests-01JBfcHbhERKdyuGq2fKEiWP
Closed

Fix sandbox tests in CI mode#11
soodoku wants to merge 1 commit intoclaude/add-code-sandboxing-018YT8W7GWG2yyi4JKSvpQASfrom
claude/fix-sandbox-tests-01JBfcHbhERKdyuGq2fKEiWP

Conversation

@soodoku
Copy link
Member

@soodoku soodoku commented Nov 16, 2025

  • Apply resource limits in direct execution mode
  • Fix command validation logic to properly handle echo and dd commands
  • Echo arguments are not file paths, only check redirections in shell scripts
  • Parse dd command's of= parameter for write validation

This fixes 3 failing tests:

  1. should execute simple command in sandbox
  2. Should enforce file size limit
  3. Should allow operations within limits

@claude
Fix sandbox tests in CI mode
04c4a2c 
- Apply resource limits in direct execution mode
- Fix command validation logic to properly handle echo and dd commands
- Echo arguments are not file paths, only check redirections in shell scripts
- Parse dd command's of= parameter for write validation

This fixes 3 failing tests:
1. should execute simple command in sandbox
2. Should enforce file size limit
3. Should allow operations within limits
@soodoku soodoku closed this Nov 16, 2025
@gemini-code-assist
Copy link

gemini-code-assist bot commented Nov 16, 2025

Summary of Changes

Hello @soodoku, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses critical issues in the sandbox environment by ensuring that resource limits are properly enforced during direct command execution. It refines the command validation process, specifically for echo and dd, to accurately identify and control write operations, thereby fixing several failing tests and enhancing the sandbox's reliability and security.

Highlights

  • Resource Limits: Resource limits are now correctly applied to commands executed in direct execution mode within the sandbox environment.
  • Command Validation Refinement: The command validation logic has been improved to properly handle echo and dd commands, addressing previous inaccuracies.
  • Echo Command Handling: Arguments for the echo command are no longer incorrectly treated as file paths for write validation; only shell redirections are considered.
  • DD Command Write Validation: The of= parameter in dd commands is now correctly parsed to validate write operations, ensuring adherence to sandbox rules.
  • Test Fixes: These changes resolve three previously failing tests related to simple command execution, file size limits, and allowed operations within the sandbox.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 16, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces several important fixes for running sandbox tests in CI mode. The changes correctly apply resource limits during direct execution and significantly improve the command validation logic. Specifically, the validation for dd and echo commands is now handled correctly, which resolves failing tests. The code is well-structured, and the fixes are directly addressing the issues described. I have one minor suggestion to reduce some code duplication for better maintainability, but overall this is a great improvement.

src/filesystem-sandbox.ts
Comment on lines +170 to 186
if (cmd === 'touch') {
// touch creates/updates files
for (const arg of args) {
if (!arg.startsWith('-') && !this.isWriteAllowed(arg)) {
return { allowed: false, reason: `Write access denied to ${arg}` };
}
}
}

if (cmd === 'tee') {
// tee writes to files
for (const arg of args) {
if (!arg.startsWith('-') && !this.isWriteAllowed(arg)) {
return { allowed: false, reason: `Write access denied to ${arg}` };
}
}
}
Copy link

@gemini-code-assist gemini-code-assist bot Nov 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

To improve maintainability and reduce code duplication, the validation logic for touch and tee can be combined, as they share the same argument parsing logic for identifying file paths.

Suggested change
if (cmd === 'touch') {
// touch creates/updates files
for (const arg of args) {
if (!arg.startsWith('-') && !this.isWriteAllowed(arg)) {
return { allowed: false, reason: `Write access denied to ${arg}` };
}
}
}
if (cmd === 'tee') {
// tee writes to files
for (const arg of args) {
if (!arg.startsWith('-') && !this.isWriteAllowed(arg)) {
return { allowed: false, reason: `Write access denied to ${arg}` };
}
}
}
if (['touch', 'tee'].includes(cmd)) {
// touch and tee write to files
for (const arg of args) {
if (!arg.startsWith('-') && !this.isWriteAllowed(arg)) {
return { allowed: false, reason: `Write access denied to ${arg}` };
}
}
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@soodoku @claude