Add deletion tracking and directory fd support (v0.10.0)#84
Merged
Conversation
- Add s_unlink and s_rmdir handlers that queue deletions for approval - Support opening directories with O_RDONLY for fd-based operations - Implement fdopendir, rewinddir, dirfd for directory enumeration - Add *at syscalls: openat, unlinkat, fstatat64 - Fix RealDir/RealFile stat() to return real filesystem inodes (required for os.path.samestat compatibility) - Add dup/rpy_dup_noninheritable for os.listdir(fd) - Fix closedir to close underlying fd per POSIX (prevents fd leaks) - Increase fd limits for deep recursive directory trees - Add PendingDeletion dataclass and session integration - Update approve TUI to display pending deletions - Add audit logging for deletion events - Show deletion count in session summary - Move verbose DRY-RUN output to --debug mode only - Add SHANNOT_SANDBOX=1 environment variable for sandbox detection - Fix unlinkat to detect file vs directory from actual filesystem
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
- Add type annotations to s_rewinddir in virtualizedproc.py and mix_vfs.py to fix incompatible base class method signature errors - Add mixin attribute declarations (debug_errors, virtual_cwd, remote_target) to MixVFS class for type checking - Simplify hasattr checks to direct attribute access now that defaults exist - Import Ptr in mix_vfs.py for type annotation
Address CodeQL warnings about empty except blocks by adding comments explaining why errors are intentionally ignored: - File size is optional metadata when tracking deletions - Original file content may be unreadable for new/permission-restricted files
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
shutil.rmtree()and file deletions are now queued for approval instead of being blockedSHANNOT_SANDBOX=1environment variable for scripts to detect sandbox modeChanges
New syscalls
fdopendir,dirfd,rewinddir- directory stream operationsopenat,unlinkat,fstatat64- fd-relative file operationsdup,rpy_dup_noninheritable- file descriptor duplicationFixes
RealDir/RealFilenow return real filesystem inodes foros.path.samestat()compatibilityclosedirproperly closes underlying fd per POSIX (prevents fd leaks)Integration
Test plan
cleanup.py) successfully queues deletionsshannot approve executedeletes files and directories correctly