forked from farhoodlabs/paperclip
d1a8c873b2
## Thinking Path > - Paperclip orchestrates AI agents through a control plane while adapters execute work in local, remote, or sandboxed runtimes. > - Remote sandbox execution depends on a strict host-versus-remote workspace boundary: the host prepares/restores files, while the adapter command runs inside the sandbox cwd. > - Jannes' PR #5823 identified host-side failure modes that were not covered by replacement PR #5822. > - Persisting a remote pod cwd in session params could poison the next host heartbeat resume and make Paperclip inspect or upload system temp roots. > - Plugin sandbox providers also need a narrow way to receive model-provider API keys without exposing the full server environment to every plugin worker. > - This pull request ports the host-side fixes from #5823 in the current codebase style, with focused regression coverage. > - The benefit is safer remote sandbox resumes and plugin worker environment handling without broadening core plugin privileges. ## What Changed - Persist host workspace cwd, not remote sandbox cwd, in `claude_local` session params while retaining remote execution identity metadata. - Reject saved session cwds that point at system roots before heartbeat falls back to agent home workspace. - Skip sockets, FIFOs, devices, and other non-file entries during workspace restore snapshot capture/comparison. - Pass a small model-provider API-key allowlist only to plugins declaring `environment.drivers.register`. - Added focused regression tests for remote Claude session params, unsafe session cwd detection, plugin worker env filtering, and non-file snapshot entries. Credits: ports host-side fixes from Jannes' #5823. ## Verification - `pnpm vitest run packages/adapter-utils/src/workspace-restore-merge.test.ts server/src/services/session-workspace-cwd.test.ts server/src/__tests__/claude-local-execute.test.ts server/src/__tests__/plugin-database.test.ts` (25 passed, 7 skipped by existing embedded-Postgres host guard) - `pnpm --filter @paperclipai/adapter-utils typecheck` - `pnpm --filter @paperclipai/adapter-claude-local typecheck` - `pnpm --filter @paperclipai/server typecheck` ## Risks - Low risk: changes are scoped to remote sandbox/session metadata, workspace snapshot filtering, and plugin worker env setup. - Sandbox-provider plugins now receive only the explicit model-provider key allowlist; any provider needing another key name will need a deliberate allowlist update. > For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and discuss it in `#dev` before opening the PR. Feature PRs that overlap with planned core work may need to be redirected — check the roadmap first. See `CONTRIBUTING.md`. ## Model Used - OpenAI Codex, GPT-5-based coding agent, tool-enabled local code execution and repository editing. ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [x] I have checked ROADMAP.md and confirmed this PR does not duplicate planned core work - [x] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [x] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge --------- Co-authored-by: Paperclip <noreply@paperclip.ing>
82 lines
3.2 KiB
TypeScript
82 lines
3.2 KiB
TypeScript
export { claudeSessionCwdMatchesExecutionTarget, execute, runClaudeLogin } from "./execute.js";
|
|
export { listClaudeSkills, syncClaudeSkills } from "./skills.js";
|
|
export { listClaudeModels } from "./models.js";
|
|
export { testEnvironment } from "./test.js";
|
|
export {
|
|
parseClaudeStreamJson,
|
|
describeClaudeFailure,
|
|
isClaudeMaxTurnsResult,
|
|
isClaudeUnknownSessionError,
|
|
} from "./parse.js";
|
|
export {
|
|
getQuotaWindows,
|
|
readClaudeAuthStatus,
|
|
readClaudeToken,
|
|
fetchClaudeQuota,
|
|
fetchClaudeCliQuota,
|
|
captureClaudeCliUsageText,
|
|
parseClaudeCliUsageText,
|
|
toPercent,
|
|
fetchWithTimeout,
|
|
claudeConfigDir,
|
|
} from "./quota.js";
|
|
import type { AdapterSessionCodec } from "@paperclipai/adapter-utils";
|
|
|
|
function readNonEmptyString(value: unknown): string | null {
|
|
return typeof value === "string" && value.trim().length > 0 ? value.trim() : null;
|
|
}
|
|
|
|
export const sessionCodec: AdapterSessionCodec = {
|
|
deserialize(raw: unknown) {
|
|
if (typeof raw !== "object" || raw === null || Array.isArray(raw)) return null;
|
|
const record = raw as Record<string, unknown>;
|
|
const sessionId = readNonEmptyString(record.sessionId) ?? readNonEmptyString(record.session_id);
|
|
if (!sessionId) return null;
|
|
const cwd =
|
|
readNonEmptyString(record.cwd) ??
|
|
readNonEmptyString(record.workdir) ??
|
|
readNonEmptyString(record.folder);
|
|
const promptBundleKey =
|
|
readNonEmptyString(record.promptBundleKey) ??
|
|
readNonEmptyString(record.prompt_bundle_key);
|
|
const workspaceId = readNonEmptyString(record.workspaceId) ?? readNonEmptyString(record.workspace_id);
|
|
const repoUrl = readNonEmptyString(record.repoUrl) ?? readNonEmptyString(record.repo_url);
|
|
const repoRef = readNonEmptyString(record.repoRef) ?? readNonEmptyString(record.repo_ref);
|
|
return {
|
|
sessionId,
|
|
...(cwd ? { cwd } : {}),
|
|
...(promptBundleKey ? { promptBundleKey } : {}),
|
|
...(workspaceId ? { workspaceId } : {}),
|
|
...(repoUrl ? { repoUrl } : {}),
|
|
...(repoRef ? { repoRef } : {}),
|
|
};
|
|
},
|
|
serialize(params: Record<string, unknown> | null) {
|
|
if (!params) return null;
|
|
const sessionId = readNonEmptyString(params.sessionId) ?? readNonEmptyString(params.session_id);
|
|
if (!sessionId) return null;
|
|
const cwd =
|
|
readNonEmptyString(params.cwd) ??
|
|
readNonEmptyString(params.workdir) ??
|
|
readNonEmptyString(params.folder);
|
|
const promptBundleKey =
|
|
readNonEmptyString(params.promptBundleKey) ??
|
|
readNonEmptyString(params.prompt_bundle_key);
|
|
const workspaceId = readNonEmptyString(params.workspaceId) ?? readNonEmptyString(params.workspace_id);
|
|
const repoUrl = readNonEmptyString(params.repoUrl) ?? readNonEmptyString(params.repo_url);
|
|
const repoRef = readNonEmptyString(params.repoRef) ?? readNonEmptyString(params.repo_ref);
|
|
return {
|
|
sessionId,
|
|
...(cwd ? { cwd } : {}),
|
|
...(promptBundleKey ? { promptBundleKey } : {}),
|
|
...(workspaceId ? { workspaceId } : {}),
|
|
...(repoUrl ? { repoUrl } : {}),
|
|
...(repoRef ? { repoRef } : {}),
|
|
};
|
|
},
|
|
getDisplayId(params: Record<string, unknown> | null) {
|
|
if (!params) return null;
|
|
return readNonEmptyString(params.sessionId) ?? readNonEmptyString(params.session_id);
|
|
},
|
|
};
|