19 commits
4b71efd
feat: add command mediation with admin approval and audit trail
kipz Apr 9, 2026
c978bbe
feat: add Swift menu bar app for nono privilege control
kipz Apr 9, 2026
5bfa664
docs: document command mediation
kipz Apr 9, 2026
37f9834
feat(mediation): add keychain_access option to per-command sandbox
christine-at-datadog Apr 17, 2026
1fb8895
ignore missing commands when resolving mediation policy
gharryg Apr 15, 2026
5b8a508
feat(profile): expand generic $VAR tokens in sandbox paths
kipz Apr 20, 2026
30c71f8
feat(profile): expand env vars in mediation args_prefix and TLS paths
kipz Apr 20, 2026
75fe235
feat(mediation): add session/pid context to audit log entries
christine-at-datadog Apr 8, 2026
559e434
feat(mediation): stream stdio via SCM_RIGHTS for passthrough commands
kipz Apr 27, 2026
6b4f278
feat(mediation): add caller_policy to gate which callers may invoke a…
kipz Apr 27, 2026
e9f87e2
chore: untrack Swift build artifacts and add to .gitignore
kipz Apr 28, 2026
9fbb35b
fix(mediation): batch stdio fds into single SCM_RIGHTS message
kipz Apr 29, 2026
043f683
fix(mediation): spawn mediated commands in caller's cwd, not server's
kipz Apr 30, 2026
3cc92c4
style: cargo fmt across mediation crates
kipz May 6, 2026
8ca48d6
fix(mediation): record audit-shim source paths to survive PATH munging
kipz May 6, 2026
00b3d4f
fix(sandbox/macos): mediation socket reachable under network.allow_do…
kipz May 8, 2026
f3c42dd
feat(profile): merge mediation across extends chains
kipz May 7, 2026
7bd6c2a
feat(mediation): promote nonce substrings inside argv and env values
kipz May 12, 2026
cde2929
refactor(mediation): remove keychain_access flag in favour of explici…
christine-at-datadog May 14, 2026
8 changes: 8 additions & 0 deletions CHANGELOG.md
Expand Up @@ -2,6 +2,14 @@

## Unreleased

### Bug Fixes

- *(sandbox/macos)* Mediation sockets now reachable when `network.allow_domain` is set. Seatbelt classifies AF_UNIX `connect(2)` as `network-outbound`; under `NetworkMode::ProxyOnly` the base `(deny network*)` blocked the audit/mediation shim's connect to `<session_dir>/{mediation,control,audit}.sock`. Adds a directory-scoped `UnixSocketCapability` for the session dir alongside the existing `FsCapability`. Fixes #33.

### Features

- *(profile)* Mediation now merges across `extends` chains (per-field, with restrictive-wins on `caller_policy.agent_allowed`, `caller_policy.allowed_parents`, and `command_sandbox.network.block`/`keychain_access`). Previously a child profile that declared any `mediation` block fully replaced the base — silently dropping every mediated command the base set up.

### Notes

- Socket grant state now records explicit socket scope. New subtree socket
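Review bot: The Features entry lists `keychain_access` among the restrictive-wins fields (`command_sandbox.network.block`/`keychain_access`), yet the last commit in this series, cde2929, is titled "refactor(mediation): remove keychain_access flag in favour of explici…". If the flag is gone by the end of the branch, drop it from this entry so the changelog does not document a merge rule for a field that can no longer be set. On the Bug Fixes entry, "directory-scoped `UnixSocketCapability` for the session dir" reads as allowing connect to any socket path under `<session_dir>`, not only the three named ones (`mediation`, `control`, `audit`). Please state that scope explicitly in the entry, or explain why a grant limited to the three socket paths was not used, since this widens what a sandboxed process can reach under `NetworkMode::ProxyOnly`.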
140 changes: 103 additions & 37 deletions Cargo.lock

Some generated files are not rendered by default.

2 changes: 2 additions & 0 deletions Cargo.toml
Expand Up @@ -3,7 +3,9 @@ resolver = "2"
members = [
"crates/nono",
"crates/nono-cli",
"crates/nono-approve",
"crates/nono-proxy",
"crates/nono-shim",
"bindings/c",
]

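Review bot: `crates/nono-approve` and `crates/nono-shim` join the workspace `members` list here, but the only view of what they pull in is the Cargo.lock diff (103 additions, 37 deletions), which is not rendered on this page. Please list the new third-party dependencies in the PR description, or confirm the lockfile diff was reviewed; going by the commit titles (admin approval, audit shim), these crates are part of the mediation path. The CHANGELOG hunk in this PR also mentions neither new crate, so an entry under Features naming them would help anyone packaging the workspace.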