Microsoft/vscode
1
0
Fork 0
mirror of https://github.com/microsoft/vscode.git synced 2026-04-02 08:15:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

[Terminal_Sandboxing]Adding default allowWrite folders. (#299367)

Browse Source 
* code changes

* updating tmp folder based on OS
This commit is contained in:
dileepyavan
2026-03-04 22:13:46 -08:00
committed by GitHub
parent b929e4a80a
commit 7344939be3
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/vs/workbench/contrib/terminalContrib/chatAgentTools/common/terminalSandboxService.ts
View File

@@ -47,6 +47,7 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
private _remoteEnvDetails: IRemoteAgentEnvironment | null = null;
private _appRoot: string;
private _os: OperatingSystem = OS;
private _defaultWritePaths: string[] = ['~/.npm'];
constructor(
@IConfigurationService private readonly _configurationService: IConfigurationService,
@@ -163,6 +164,9 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
? this._configurationService.getValue<{ denyRead?: string[]; allowWrite?: string[]; denyWrite?: string[] }>(TerminalChatAgentToolsSettingId.TerminalSandboxMacFileSystem) ?? {}
: {};
const configFileUri = URI.joinPath(this._tempDir, `vscode-sandbox-settings-${this._sandboxSettingsId}.json`);
const defaultAllowWrite = [...this._defaultWritePaths];
const linuxAllowWrite = [...new Set([...defaultAllowWrite, ...(linuxFileSystemSetting.allowWrite ?? [])])];
const macAllowWrite = [...new Set([...defaultAllowWrite, ...(macFileSystemSetting.allowWrite ?? [])])];
let allowedDomains = networkSetting.allowedDomains ?? [];
if (networkSetting.allowTrustedDomains) {
@@ -176,7 +180,7 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
},
filesystem: {
denyRead: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyRead : linuxFileSystemSetting.denyRead,
allowWrite: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.allowWrite : linuxFileSystemSetting.allowWrite,
allowWrite: this._os === OperatingSystem.Macintosh ? macAllowWrite : linuxAllowWrite,
denyWrite: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyWrite : linuxFileSystemSetting.denyWrite,
}
};
@@ -203,6 +207,9 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
const environmentService = this._environmentService as IEnvironmentService & { tmpDir?: URI };
this._tempDir = environmentService.tmpDir;
}
if (this._tempDir) {
this._defaultWritePaths.push(this._tempDir.path);
}
if (!this._tempDir) {
this._logService.warn('TerminalSandboxService: Cannot create sandbox settings file because no tmpDir is available in this environment');
}