fix: harden sandbox writes and centralize atomic file writes

Peter Steinberger
2026-03-02 16:44:46 +00:00
parent 14e4575af5
commit 18f8393b6c
12 changed files with 203 additions and 139 deletions


@@ -1,12 +1,7 @@
import crypto from "node:crypto";
import fs from "node:fs/promises";
import path from "node:path";
import { writeJsonAtomic } from "../../infra/json-files.js";
import { acquireSessionWriteLock } from "../session-write-lock.js";
import {
SANDBOX_BROWSER_REGISTRY_PATH,
SANDBOX_REGISTRY_PATH,
SANDBOX_STATE_DIR,
} from "./constants.js";
import { SANDBOX_BROWSER_REGISTRY_PATH, SANDBOX_REGISTRY_PATH } from "./constants.js";
export type SandboxRegistryEntry = {
containerName: string;
@@ -111,20 +106,7 @@ async function writeRegistryFile<T extends RegistryEntry>(
registryPath: string,
registry: RegistryFile<T>,
): Promise<void> {
await fs.mkdir(SANDBOX_STATE_DIR, { recursive: true });
const payload = `${JSON.stringify(registry, null, 2)}\n`;
const registryDir = path.dirname(registryPath);
const tempPath = path.join(
registryDir,
`${path.basename(registryPath)}.${crypto.randomUUID()}.tmp`,
);
await fs.writeFile(tempPath, payload, "utf-8");
try {
await fs.rename(tempPath, registryPath);
} catch (error) {
await fs.rm(tempPath, { force: true });
throw error;
}
await writeJsonAtomic(registryPath, registry, { trailingNewline: true });
}
export async function readRegistry(): Promise<SandboxRegistry> {
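Review bot: The `fs.mkdir(SANDBOX_STATE_DIR, { recursive: true })` call is dropped from `writeRegistryFile` with no replacement visible in this hunk, so the first registry write on a fresh state directory now depends on `writeJsonAtomic` creating the parent of `registryPath`. That helper's body is not shown here; if it does not create the directory, the write would fail with ENOENT where it used to succeed, so a test that writes into a not-yet-existing directory would pin this. Since the registry tracks sandbox containers, it is also worth confirming that the helper creates its temp file next to the target (so the rename stays on one filesystem), removes it when the write itself fails, and applies the file mode you intend rather than the umask default. Once confirmed, I would record the reliance at the call site with a comment such as `// writeJsonAtomic creates the parent dir and cleans up its temp file on failure`.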