Skip to content

fix: gate remote-mount edit guidance by mode#3423

Open
matthewflint wants to merge 1 commit into
openai:mainfrom
matthewflint:mflint/sandbox-readonly-remote-policy
Open

fix: gate remote-mount edit guidance by mode#3423
matthewflint wants to merge 1 commit into
openai:mainfrom
matthewflint:mflint/sandbox-readonly-remote-policy

Conversation

@matthewflint
Copy link
Copy Markdown
Contributor

@matthewflint matthewflint commented May 15, 2026
edited
Loading

Summary

  • Build remote-mount edit guidance from the actual mount modes.
  • Emit direct apply_patch and shell copy-back guidance only when at least one remote mount is read+write.
  • Explicitly tell agents not to edit read-only remote mount paths in place, including with apply_patch, and not to write edited files back to those paths.
  • Add regression coverage for read-only-only, read+write-only, mixed read-only/read+write manifests, and runtime policy injection.

Test plan

  • UV_CACHE_DIR=/tmp/uv-cache UV_PROJECT_ENVIRONMENT=/tmp/openai-pr3423-venv UV_PYTHON=3.12.13 make format
  • UV_CACHE_DIR=/tmp/uv-cache UV_PROJECT_ENVIRONMENT=/tmp/openai-pr3423-venv UV_PYTHON=3.12.13 make lint
  • UV_CACHE_DIR=/tmp/uv-cache UV_PROJECT_ENVIRONMENT=/tmp/openai-pr3423-venv UV_PYTHON=3.12.13 make typecheck
  • UV_CACHE_DIR=/tmp/uv-cache UV_PROJECT_ENVIRONMENT=/tmp/openai-pr3423-venv UV_PYTHON=3.12.13 make tests

Issue number

N/A

Checks

  • I've added new tests (if relevant)
  • I've added/updated the relevant documentation (N/A; generated sandbox policy text only)
  • I've run make lint and make format
  • I've made sure tests pass

@matthewflint matthewflint force-pushed the mflint/sandbox-readonly-remote-policy branch from 2736b84 to ef469b6 Compare May 15, 2026 11:48
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2736b84b00

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread src/agents/sandbox/remote_mount_policy.py Outdated
@matthewflint matthewflint marked this pull request as draft May 15, 2026 14:04
@matthewflint matthewflint force-pushed the mflint/sandbox-readonly-remote-policy branch from ef469b6 to ae4774f Compare May 16, 2026 10:24
@matthewflint
Copy link
Copy Markdown
Contributor Author

matthewflint commented May 16, 2026
edited
Loading

Updated this to gate remote-mount edit guidance by mount mode.

Direct apply_patch and shell copy-back guidance now only appears when a read+write remote mount is present. Read-only mounts now explicitly say not to edit those paths in place, including with apply_patch, and not to write edited files back.

Added regression coverage for read-only-only, read+write-only, mixed remote mount manifests, and runtime policy injection.

Checked locally with:

  • make format
  • make lint
  • make typecheck
  • make tests

@matthewflint matthewflint changed the title fix: avoid copy-back guidance for read-only remote mounts fix: gate remote-mount edit guidance by mode May 16, 2026
@matthewflint
fix: gate remote-mount edit guidance by mode
b9a3485 
Build the remote-mount edit guidance from the actual mount modes in the manifest. Read+write mounts still get direct apply_patch and shell copy-back guidance, while read-only mounts explicitly avoid both in-place edits and write-back.

This keeps the generated policy consistent for read-only-only manifests and makes mixed read-only/read+write manifests unambiguous.
@matthewflint matthewflint force-pushed the mflint/sandbox-readonly-remote-policy branch from ae4774f to b9a3485 Compare May 16, 2026 11:05
@matthewflint matthewflint marked this pull request as ready for review May 16, 2026 11:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

feature:sandboxes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@matthewflint @seratch