Skip to content

fix(tool-sandbox): skip missing fs_read/fs_write dirs instead of erroring#1253

Open
kipz wants to merge 3 commits into
always-further:mainfrom
kipz:kipz/fix-tool-sandbox-missing-dirs
Open

fix(tool-sandbox): skip missing fs_read/fs_write dirs instead of erroring#1253
kipz wants to merge 3 commits into
always-further:mainfrom
kipz:kipz/fix-tool-sandbox-missing-dirs

Conversation

@kipz

@kipz kipz commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Linked Issue

Closes #1252

Summary

fs_read_file entries in add_policy_fs already silently skip missing paths via add_optional_read_file. fs_read and fs_write directory entries used
FsCapability::new_dir(...)? which propagated PathNotFound as a hard error, preventing the tool-sandbox from starting when a profile grants a directory that
doesn't exist on that machine.

Add add_optional_dir with the same warn-and-skip pattern and use it for both fs_read and fs_write in add_policy_fs on macOS and Linux.

Test Plan

Existing nono-cli test suite passes. Manual verification: profile with a non-existent fs_read directory no longer errors on tool-sandbox startup.

Checklist

  • An issue exists and is linked above
  • All commits are signed-off, using DCO
  • All new code follows the project's coding standards (CLAUDE.md) and is covered by tests
  • Public-facing changes are paired with documentation updates
  • Release note has been added to CHANGELOG.md if needed

@kipz
fix(tool-sandbox): skip missing fs_read/fs_write dirs instead of erro…
128eebc 
…ring

fs_read_file already used add_optional_read_file to silently skip missing
paths. fs_read and fs_write directory entries used FsCapability::new_dir()?
which propagated PathNotFound as a hard error, preventing the tool-sandbox
from starting when a profile grants a directory that doesn't exist on that
machine.

Add add_optional_dir with the same warn-and-skip pattern and use it for
both fs_read and fs_write entries in add_policy_fs on macOS and Linux.

Signed-off-by: James Carnegie <me@kipz.org>
@github-actions github-actions Bot added bug Something isn't working nono-cli size/small labels Jun 24, 2026
@github-actions

github-actions Bot commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

PR Review Summary

Size

Metric Value
Lines added +28
Lines removed -4
Total changed 32
Classification Small (< 50 lines)

Affected crates

  • crates/nono-cli — CLI changes. Verify argument parsing, flag documentation, and UX behaviour across supported platforms.

Blast radius — Moderate

This PR touches: source code,documentation

Updated automatically on each push to this PR.

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 24, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the tool-sandbox platform implementations for Linux and macOS to skip missing fs_read and fs_write directories during startup instead of throwing an error. This is implemented via a new helper function add_optional_dir which handles NonoError::PathNotFound gracefully, matching the existing behavior for files. There are no review comments to evaluate, and the changes look correct and consistent.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@kipz
ci: retrigger
c21f530 
Signed-off-by: James Carnegie <me@kipz.org>
@kipz kipz force-pushed the kipz/fix-tool-sandbox-missing-dirs branch from d30f610 to c21f530 Compare June 24, 2026 21:12
@kipz
ci: retrigger
8a600c7 
Signed-off-by: James Carnegie <me@kipz.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug Something isn't working nono-cli size/small

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

tool-sandbox: hard error on missing fs_read/fs_write directory instead of skipping

1 participant

@kipz