Microsoft/vscode
1
0
Fork 0
mirror of https://github.com/microsoft/vscode.git synced 2026-04-18 07:47:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

[Terminal_Sandboxing]Adding default allowWrite folders. (#299367)

Browse Source 
* code changes

* updating tmp folder based on OS
This commit is contained in:
dileepyavan
2026-03-04 22:13:46 -08:00
committed by GitHub
parent b929e4a80a
commit 7344939be3
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/vs/workbench/contrib/terminalContrib/chatAgentTools/common/terminalSandboxService.ts
View File

@@ -47,6 +47,7 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
private _remoteEnvDetails: IRemoteAgentEnvironment | null = null; private _remoteEnvDetails: IRemoteAgentEnvironment | null = null;
private _appRoot: string; private _appRoot: string;
private _os: OperatingSystem = OS; private _os: OperatingSystem = OS;
private _defaultWritePaths: string[] = ['~/.npm'];
constructor( constructor(
@IConfigurationService private readonly _configurationService: IConfigurationService, @IConfigurationService private readonly _configurationService: IConfigurationService,
@@ -163,6 +164,9 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
? this._configurationService.getValue<{ denyRead?: string[]; allowWrite?: string[]; denyWrite?: string[] }>(TerminalChatAgentToolsSettingId.TerminalSandboxMacFileSystem) ?? {} ? this._configurationService.getValue<{ denyRead?: string[]; allowWrite?: string[]; denyWrite?: string[] }>(TerminalChatAgentToolsSettingId.TerminalSandboxMacFileSystem) ?? {}
: {}; : {};
const configFileUri = URI.joinPath(this._tempDir, `vscode-sandbox-settings-${this._sandboxSettingsId}.json`); const configFileUri = URI.joinPath(this._tempDir, `vscode-sandbox-settings-${this._sandboxSettingsId}.json`);
const defaultAllowWrite = [...this._defaultWritePaths];
const linuxAllowWrite = [...new Set([...defaultAllowWrite, ...(linuxFileSystemSetting.allowWrite ?? [])])];
const macAllowWrite = [...new Set([...defaultAllowWrite, ...(macFileSystemSetting.allowWrite ?? [])])];
let allowedDomains = networkSetting.allowedDomains ?? []; let allowedDomains = networkSetting.allowedDomains ?? [];
if (networkSetting.allowTrustedDomains) { if (networkSetting.allowTrustedDomains) {
@@ -176,7 +180,7 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
}, },
filesystem: { filesystem: {
denyRead: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyRead : linuxFileSystemSetting.denyRead, denyRead: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyRead : linuxFileSystemSetting.denyRead,
allowWrite: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.allowWrite : linuxFileSystemSetting.allowWrite, allowWrite: this._os === OperatingSystem.Macintosh ? macAllowWrite : linuxAllowWrite,
denyWrite: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyWrite : linuxFileSystemSetting.denyWrite, denyWrite: this._os === OperatingSystem.Macintosh ? macFileSystemSetting.denyWrite : linuxFileSystemSetting.denyWrite,
} }
}; };
@@ -203,6 +207,9 @@ export class TerminalSandboxService extends Disposable implements ITerminalSandb
const environmentService = this._environmentService as IEnvironmentService & { tmpDir?: URI }; const environmentService = this._environmentService as IEnvironmentService & { tmpDir?: URI };
this._tempDir = environmentService.tmpDir; this._tempDir = environmentService.tmpDir;
} }
if (this._tempDir) {
this._defaultWritePaths.push(this._tempDir.path);
}
if (!this._tempDir) { if (!this._tempDir) {
this._logService.warn('TerminalSandboxService: Cannot create sandbox settings file because no tmpDir is available in this environment'); this._logService.warn('TerminalSandboxService: Cannot create sandbox settings file because no tmpDir is available in this environment');
} }