Commit d1c1be7
authored
fix: allow agent to read plans from userspace config dir (#748)
## Summary
Fixes #746
When the config is loaded from the userspace location (`~/.infer`),
`GetConfigDir()` returns an absolute home path and plans are written to
`~/.infer/plans/`. However, the sandbox carve-out in
`isWithinConfigSubdir` only checked the project-relative `ConfigDirName`
(`./.infer/plans`), so the agent's Read tool rejected the plan path with
a sandbox violation — the agent could write the plan but couldn't read
it back.
## Root Cause
`isWithinConfigSubdir` was a free function that hardcoded
`ConfigDirName` (`.infer`) to build the carve-out paths. It did not
account for the resolved config dir (`GetConfigDir()`), which can be the
userspace `~/.infer` when the config is loaded from there.
## Fix
Convert `isWithinConfigSubdir` from a free function to a method on
`Config` so it can access `GetConfigDir()`. It now checks both:
- The project-relative `ConfigDirName` (`./.infer/<name>`)
- The resolved config dir (`GetConfigDir()/<name>`)
This keeps the rest of `.infer/` protected while allowing the
operational `tmp/plans` subdirs to be read regardless of which config
dir was resolved. File-level protections (e.g. `*.env`, `.git/`) still
apply within the carve-out.
## Testing
- Added `TestValidatePathInSandbox_ConfigDirUserspace` which verifies
that `~/.infer/plans/` and `~/.infer/tmp/` paths are allowed when
`configDir` is set to the userspace location, while sensitive files
(`config.yaml`, `agents.yaml`, `*.env`) remain denied.
- All existing sandbox tests continue to pass.
- Pre-commit hooks (lint, format, etc.) pass.1 parent 164ffaf commit d1c1be7
2 files changed
Lines changed: 66 additions & 12 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1237 | 1237 | | |
1238 | 1238 | | |
1239 | 1239 | | |
1240 | | - | |
| 1240 | + | |
| 1241 | + | |
| 1242 | + | |
| 1243 | + | |
1241 | 1244 | | |
1242 | | - | |
| 1245 | + | |
1243 | 1246 | | |
1244 | 1247 | | |
1245 | 1248 | | |
| |||
1311 | 1314 | | |
1312 | 1315 | | |
1313 | 1316 | | |
1314 | | - | |
1315 | | - | |
1316 | | - | |
1317 | | - | |
| 1317 | + | |
| 1318 | + | |
| 1319 | + | |
| 1320 | + | |
| 1321 | + | |
| 1322 | + | |
| 1323 | + | |
| 1324 | + | |
| 1325 | + | |
| 1326 | + | |
| 1327 | + | |
1318 | 1328 | | |
1319 | | - | |
1320 | | - | |
1321 | | - | |
1322 | | - | |
1323 | | - | |
1324 | | - | |
| 1329 | + | |
| 1330 | + | |
| 1331 | + | |
| 1332 | + | |
| 1333 | + | |
| 1334 | + | |
| 1335 | + | |
| 1336 | + | |
1325 | 1337 | | |
1326 | 1338 | | |
1327 | 1339 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1048 | 1048 | | |
1049 | 1049 | | |
1050 | 1050 | | |
| 1051 | + | |
| 1052 | + | |
| 1053 | + | |
| 1054 | + | |
| 1055 | + | |
| 1056 | + | |
| 1057 | + | |
| 1058 | + | |
| 1059 | + | |
| 1060 | + | |
| 1061 | + | |
| 1062 | + | |
| 1063 | + | |
| 1064 | + | |
| 1065 | + | |
| 1066 | + | |
| 1067 | + | |
| 1068 | + | |
| 1069 | + | |
| 1070 | + | |
| 1071 | + | |
| 1072 | + | |
| 1073 | + | |
| 1074 | + | |
| 1075 | + | |
| 1076 | + | |
| 1077 | + | |
| 1078 | + | |
| 1079 | + | |
| 1080 | + | |
| 1081 | + | |
| 1082 | + | |
| 1083 | + | |
| 1084 | + | |
| 1085 | + | |
| 1086 | + | |
| 1087 | + | |
| 1088 | + | |
| 1089 | + | |
| 1090 | + | |
| 1091 | + | |
| 1092 | + | |
0 commit comments