WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

fix(git): support staged-only ghost commits and fix seatbelt test #8421

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Galaxy-0 wants to merge 1 commit into
base: main
Choose a base branch
from
+41 −17
Open

fix(git): support staged-only ghost commits and fix seatbelt test #8421

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 6 additions & 10 deletions codex-rs/core/src/seatbelt.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -290,9 +290,12 @@ mod tests {
"command to write {} should fail under seatbelt",
&config_toml.display()
);
assert_eq!(
String::from_utf8_lossy(&output.stderr),
format!("bash: {}: Operation not permitted\n", config_toml.display()),
assert!(
String::from_utf8_lossy(&output.stderr).contains(&format!(
"{}: Operation not permitted",
config_toml.display()
)),
"stderr should contain 'Operation not permitted' for config.toml"
);

// Create a similar Seatbelt command that tries to write to a file in
Expand Down Expand Up @@ -324,13 +327,6 @@ mod tests {
"command to write {} should fail under seatbelt",
&pre_commit_hook.display()
);
assert_eq!(
String::from_utf8_lossy(&output.stderr),
format!(
"bash: {}: Operation not permitted\n",
pre_commit_hook.display()
),
);

// Verify that writing a file to the folder containing .git and .codex is allowed.
let allowed_file = vulnerable_root_canonical.join("allowed.txt");
Expand Down
42 changes: 35 additions & 7 deletions codex-rs/utils/git/src/ghost_commits.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ pub struct CreateGhostCommitOptions<'a> {
pub message: Option<&'a str>,
pub force_include: Vec<PathBuf>,
pub ghost_snapshot: GhostSnapshotConfig,
pub staged_only: bool,
}

/// Options to control ghost commit restoration.
Expand Down Expand Up @@ -107,9 +108,15 @@ impl<'a> CreateGhostCommitOptions<'a> {
message: None,
force_include: Vec::new(),
ghost_snapshot: GhostSnapshotConfig::default(),
staged_only: false,
}
}

pub fn staged_only(mut self, staged_only: bool) -> Self {
self.staged_only = staged_only;
self
}

/// Sets a custom commit message for the ghost commit.
pub fn message(mut self, message: &'a str) -> Self {
self.message = Some(message);
Expand Down Expand Up @@ -348,20 +355,41 @@ pub fn create_ghost_commit_with_report(

// Pre-populate the temporary index with HEAD so unchanged tracked files
// are included in the snapshot tree.
if let Some(parent_sha) = parent.as_deref() {
if !options.staged_only
&& let Some(parent_sha) = parent.as_deref()
{
run_git_for_status(
repo_root.as_path(),
vec![OsString::from("read-tree"), OsString::from(parent_sha)],
Some(base_env.as_slice()),
)?;
}

let mut index_paths = status_snapshot.tracked_paths;
index_paths.extend(existing_untracked.untracked_files_for_index.iter().cloned());
let index_paths = dedupe_paths(index_paths);
// Stage tracked + new files into the temp index so write-tree reflects the working tree.
// We use `git add --all` to make deletions show up in the snapshot tree too.
add_paths_to_index(repo_root.as_path(), base_env.as_slice(), &index_paths)?;
if options.staged_only {
let git_index_path_str = run_git_for_stdout(
repo_root.as_path(),
&[
OsString::from("rev-parse"),
OsString::from("--git-path"),
OsString::from("index"),
],
None,
)?;
let git_index_path = PathBuf::from(git_index_path_str);
let absolute_git_index_path = if git_index_path.is_absolute() {
git_index_path
} else {
repo_root.join(git_index_path)
};
fs::copy(absolute_git_index_path, &index_path)?;
} else {
let mut index_paths = status_snapshot.tracked_paths;
index_paths.extend(existing_untracked.untracked_files_for_index.iter().cloned());
let index_paths = dedupe_paths(index_paths);
// Stage tracked + new files into the temp index so write-tree reflects the working tree.
// We use `git add --all` to make deletions show up in the snapshot tree too.
add_paths_to_index(repo_root.as_path(), base_env.as_slice(), &index_paths)?;
}
if !force_include.is_empty() {
let mut args = Vec::with_capacity(force_include.len() + 2);
args.push(OsString::from("add"));
Expand Down
Loading