fix(policy): allow uv in pypi preset

[cv]

Summary

Adds /usr/local/bin/uv to the PyPI network preset binary allowlist so sandboxes using the pypi preset can run the uv package manager directly. This is a clean signed-off replacement for the blocked contributor PR #3368, whose code change was sound but whose branch cannot pass DCO without rewriting existing commits.

Related Issue

Supersedes #3368.

Changes

• Updates nemoclaw-blueprint/policies/presets/pypi.yaml to allow /usr/local/bin/uv alongside the existing Python and pip binaries.

Type of Change

• Code change (feature, bug fix, or refactor)
• Code change with doc updates
• Doc only (prose changes, no code sample modifications)
• Doc only (includes code sample changes)

Verification

• npx prek run --all-files passes
• npm test passes
• Tests added or updated for new or changed behavior
• No secrets, API keys, or credentials committed
• Docs updated for user-facing behavior changes
• npm run docs builds without warnings (doc changes only)
• Doc pages follow the style guide (doc changes only)
• New doc pages include SPDX header and frontmatter (new pages only)

Targeted validation run: npm test -- test/policies.test.ts test/policy-tiers.test.ts test/validate-blueprint.test.ts. The relevant policy YAML checks passed, while test/policies.test.ts currently has unrelated failures on current origin/main around missing policy helper exports and openshell resolution behavior.

---

Signed-off-by: Carlos Villela cvillela@nvidia.com

Summary by CodeRabbit

• Chores
  • Updated PyPI preset policy configuration to allow an additional binary tool in the allowlist.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 1fa618ce-7e29-4bc4-8ced-c2ef70e68e3a

📥 Commits

Reviewing files that changed from the base of the PR and between 7da4960 and 686eb8a.

📒 Files selected for processing (1)

• nemoclaw-blueprint/policies/presets/pypi.yaml

---

📝 Walkthrough

Walkthrough

The PyPI preset policy configuration is updated to include /usr/local/bin/uv in the network policies binary allowlist, enabling the uv package manager alongside existing Python and pip binary patterns.

Changes

PyPI Preset Configuration

Layer / File(s)	Summary
PyPI binary allowlist nemoclaw-blueprint/policies/presets/pypi.yaml	/usr/local/bin/uv is added to the network_policies.pypi.binaries allowlist alongside the existing Python and pip binary patterns.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 The uv binary hops into the allowlist today,
Joining Python and pip in their Python way,
One little line in the preset so neat,
Makes package management swift and complete! 📦✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix(policy): allow uv in pypi preset' directly and specifically describes the main change: adding the uv binary to the PyPI preset policy allowlist.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/salvage-pypi-uv

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

E2E Advisor Recommendation

Required E2E: network-policy-e2e
Optional E2E: cloud-onboard-e2e, rebuild-openclaw-e2e

Dispatch hint: network-policy-e2e

Auto-dispatched E2E: network-policy-e2e via nightly-e2e.yaml at 4d33687a9663eddbe1e3440de3eeda0d2558ce73 — nightly run

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• network-policy-e2e (high): This is the focused existing E2E for network policy enforcement. It applies the pypi preset and verifies PyPI reachability under restricted policy mode, covering the policy path most directly affected by the preset change.

Optional E2E

• cloud-onboard-e2e (high): Useful adjacent confidence because this onboarding flow installs with custom policy presets including npm,pypi, validating that the changed preset still loads during real installer/onboarding.
• rebuild-openclaw-e2e (high): Optional confidence for persistence of npm,pypi policy presets across rebuilds; relevant to preset serialization/restore but not specifically to the new uv binary allowance.

New E2E recommendations

• network-policy (high): Existing network-policy-e2e verifies PyPI access via pip but does not appear to exercise /usr/local/bin/uv specifically, so this PR's new allowed binary path can pass without proving uv package-manager traffic works under the pypi preset.
  • Suggested test: Extend test/e2e/test-network-policy.sh TC-NET-02, or add a dedicated uv PyPI policy E2E, to run /usr/local/bin/uv from inside a restricted sandbox after applying the pypi preset and verify it can fetch a package from PyPI while unrelated binaries remain blocked.

Dispatch hint

• Workflow: nightly-e2e.yaml
• jobs input: network-policy-e2e

[github-actions]

PR Review Advisor

Findings: 0 needs attention, 3 worth checking, 0 nice ideas
Since last review: 0 prior items resolved, 2 still apply, 0 new items found

Review findings

🛠️ Needs attention

• None.

🔎 Worth checking

• Source-of-truth review needed: PyPI preset uv binary allowlist: The advisor marked localized patch analysis as needs_followup.
  • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
  • Evidence: `pypi.yaml` adds `/usr/local/bin/uv`; `Dockerfile.base` does not install uv; existing e2e PyPI validation uses pip, not uv.
• Source-of-truth review needed for uv PyPI allowlist path (nemoclaw-blueprint/policies/presets/pypi.yaml:31): The PR adds `/usr/local/bin/uv` as a new executable principal for the PyPI sandbox policy, but repository inspection did not establish that this is the supported sandbox uv install path. The path appears only in the changed preset, and `Dockerfile.base` installs Python and pip but not uv. That leaves this as a localized policy exception without a clear source invariant.
  • Recommendation: Document or encode the source of this path before merging: identify where uv is installed, why that source cannot be fixed or asserted in this PR, and what invariant should keep the allowlist correct. If uv is part of another image or runtime layer, add a nearby comment/test or link to that source so future changes do not leave a stale or unintended policy grant.
  • Evidence: `nemoclaw-blueprint/policies/presets/pypi.yaml:31` adds `- { path: /usr/local/bin/uv }`; repository search found `/usr/local/bin/uv` only in this changed preset; `Dockerfile.base` installs `python3`, `python3-pip`, and `python3-venv` but no uv binary.
• Add targeted validation for the uv PyPI preset allowlist (nemoclaw-blueprint/policies/presets/pypi.yaml:31): This sandbox network-policy change broadens PyPI egress authorization to an additional binary, but no direct test or runtime proof was found for the new behavior. Existing coverage checks PyPI REST/read-only rules, HEAD support, generic package-manager binary sections, and pip-based PyPI access; it does not assert `/usr/local/bin/uv`, prove uv can fetch through the preset, or verify an unlisted binary/path remains denied.
  • Recommendation: Add a focused preset test that parses `pypi.yaml` and asserts `/usr/local/bin/uv` is included while PyPI hosts and GET/HEAD-only rules remain unchanged. Preferably also add or identify runtime/integration validation that applying the `pypi` preset lets `/usr/local/bin/uv` fetch from PyPI and that an unlisted binary/path is still denied.
  • Evidence: `test/policies.test.ts` includes PyPI REST/read-only and HEAD checks, and `test/e2e/test-network-policy.sh` validates PyPI via `pip download`; no uv-specific assertion or runtime validation was found. Deterministic test-depth context marks this file as `runtime_validation_recommended`.

🌱 Nice ideas

• None.

Since last review details

Current findings:

• Source-of-truth review needed: PyPI preset uv binary allowlist: The advisor marked localized patch analysis as needs_followup.
  • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
  • Evidence: `pypi.yaml` adds `/usr/local/bin/uv`; `Dockerfile.base` does not install uv; existing e2e PyPI validation uses pip, not uv.
• Source-of-truth review needed for uv PyPI allowlist path (nemoclaw-blueprint/policies/presets/pypi.yaml:31): The PR adds `/usr/local/bin/uv` as a new executable principal for the PyPI sandbox policy, but repository inspection did not establish that this is the supported sandbox uv install path. The path appears only in the changed preset, and `Dockerfile.base` installs Python and pip but not uv. That leaves this as a localized policy exception without a clear source invariant.
  • Recommendation: Document or encode the source of this path before merging: identify where uv is installed, why that source cannot be fixed or asserted in this PR, and what invariant should keep the allowlist correct. If uv is part of another image or runtime layer, add a nearby comment/test or link to that source so future changes do not leave a stale or unintended policy grant.
  • Evidence: `nemoclaw-blueprint/policies/presets/pypi.yaml:31` adds `- { path: /usr/local/bin/uv }`; repository search found `/usr/local/bin/uv` only in this changed preset; `Dockerfile.base` installs `python3`, `python3-pip`, and `python3-venv` but no uv binary.
• Add targeted validation for the uv PyPI preset allowlist (nemoclaw-blueprint/policies/presets/pypi.yaml:31): This sandbox network-policy change broadens PyPI egress authorization to an additional binary, but no direct test or runtime proof was found for the new behavior. Existing coverage checks PyPI REST/read-only rules, HEAD support, generic package-manager binary sections, and pip-based PyPI access; it does not assert `/usr/local/bin/uv`, prove uv can fetch through the preset, or verify an unlisted binary/path remains denied.
  • Recommendation: Add a focused preset test that parses `pypi.yaml` and asserts `/usr/local/bin/uv` is included while PyPI hosts and GET/HEAD-only rules remain unchanged. Preferably also add or identify runtime/integration validation that applying the `pypi` preset lets `/usr/local/bin/uv` fetch from PyPI and that an unlisted binary/path is still denied.
  • Evidence: `test/policies.test.ts` includes PyPI REST/read-only and HEAD checks, and `test/e2e/test-network-policy.sh` validates PyPI via `pip download`; no uv-specific assertion or runtime validation was found. Deterministic test-depth context marks this file as `runtime_validation_recommended`.

Workflow run details

This is an automated advisory review. A human maintainer must make the final merge decision.

[github-actions]

E2E Scenario Advisor Recommendation

Required scenario E2E: ubuntu-repo-cloud-openclaw
Optional scenario E2E: None

Dispatch required scenario E2E:

• gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw

Workflow run

Full scenario advisor summary

E2E Scenario Advisor

Base: origin/main
Head: HEAD
Confidence: medium

Required scenario E2E

• ubuntu-repo-cloud-openclaw: The PR changes the built-in PyPI policy preset by allowing /usr/local/bin/uv. The smallest dispatchable scenario in the ROUTES table that exercises repo-current OpenClaw onboarding with the default balanced policy set, which includes PyPI, is ubuntu-repo-cloud-openclaw.
  • Dispatch: gh workflow run e2e-scenarios.yaml --ref <pr-head-ref> --field scenarios=ubuntu-repo-cloud-openclaw

Optional scenario E2E

• None.

Relevant changed files

• nemoclaw-blueprint/policies/presets/pypi.yaml

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26691654469
Target ref: 686eb8a4aa19b668c0ff92f6b57d68ab7a307edb
Workflow ref: main
Requested jobs: network-policy-e2e
Summary: 0 passed, 0 failed, 0 skipped

Job	Result
network-policy-e2e	⚠️ cancelled

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26691740044
Target ref: 5eab6da6d337ac1300f87f678ce99b61da6e0ad5
Workflow ref: main
Requested jobs: network-policy-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
network-policy-e2e	✅ success

[cjagwani]

Approving — 1-line policy preset addition is well-scoped, and uv belongs in the pypi allowlist alongside python/pip. network-policy-e2e passed twice via advisor dispatch.

Non-blocking nit: consider adding a 2-line unit test in test/policies.test.ts asserting /usr/local/bin/uv is in the pypi binaries list — mirror the pypi preset lets curl verify… pattern from #4176. Fine as a follow-up or fold into the next rebase.

[github-actions]

Selective E2E Results — ✅ All requested jobs passed

Run: 26774764243
Target ref: 4d33687a9663eddbe1e3440de3eeda0d2558ce73
Workflow ref: main
Requested jobs: network-policy-e2e
Summary: 1 passed, 0 failed, 0 skipped

Job	Result
network-policy-e2e	✅ success