fix: enforce apply_patch workspaceOnly in sandbox mounts

2026-05-08 05:41:24 +00:00 · 2026-02-24 02:23:30 +00:00
parent c070be1bc4
commit 6634030be3
3 changed files with 83 additions and 0 deletions
--- a/src/agents/apply-patch.ts
+++ b/src/agents/apply-patch.ts
@@ -260,6 +260,14 @@ async function resolvePatchPath(
      filePath,
      cwd: options.cwd,
    });
+    if (options.workspaceOnly !== false) {
+      await assertSandboxPath({
+        filePath: resolved.hostPath,
+        cwd: options.cwd,
+        root: options.cwd,
+        allowFinalSymlink: purpose === "unlink",
+      });
+    }
    return {
      resolved: resolved.hostPath,
      display: resolved.relativePath || resolved.hostPath,