fix(agents): expand ~ in path for read/write/edit tools#30744
fix(agents): expand ~ in path for read/write/edit tools#30744jackjin1997 wants to merge 9 commits intoopenclaw:mainfrom
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9ea935549e
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
Greptile SummaryThis PR implements tilde ( Additionally includes:
Key changes:
Confidence Score: 4/5
Last reviewed commit: 9ea9355 |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 40a2a59db2
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
path.resolve() treats ~ as a literal directory name, so ~/file.txt resolved to <cwd>/~/file.txt instead of /home/user/file.txt. Add expandHomePrefix() before path.resolve() in all affected tool path resolution points: - Host write operations (mkdir, writeFile) in non-workspace mode - Host edit operations (readFile, writeFile, access) in non-workspace mode - toRelativePathInRoot() workspace boundary validator (affects all tools) - resolveWorkdir() for non-sandbox exec/bash working directory - parseSandboxBindMount() for Docker bind mount host paths The host read tool and sandbox tools already handled tilde via the upstream library's expandPath(). Closes openclaw#30669 Related: openclaw#30782, openclaw#30788, openclaw#30744, openclaw#30770, openclaw#30756, openclaw#30753, openclaw#30752, openclaw#30747
0238fcf to
97b9410
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 97b94100de
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 80189696ec
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
- pi-tools.params.ts: add expandHomePrefix to normalizeToolParams so ~ expansion is preserved after upstream refactored the function out of pi-tools.read.ts (the PR's core feature was silently dropped in the conflict resolution) - input-provenance.ts: remove inter-session role rewrite (user→assistant) that broke hasInterSessionUserProvenance filters downstream; session-memory and session-utils relied on role=user to detect and skip inter-session content, so the rewrite caused cross-session content to leak into memory and history exports; provenance field alone is sufficient to identify inter-session messages Addresses Codex review P1/P2 feedback on PR openclaw#30744. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a620fdbe14
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
a620fdb to
61d2d49
Compare
- pi-tools.params.ts: add expandHomePrefix to normalizeToolParams so ~ expansion is preserved after upstream refactored the function out of pi-tools.read.ts (the PR's core feature was silently dropped in the conflict resolution) - input-provenance.ts: remove inter-session role rewrite (user→assistant) that broke hasInterSessionUserProvenance filters downstream; session-memory and session-utils relied on role=user to detect and skip inter-session content, so the rewrite caused cross-session content to leak into memory and history exports; provenance field alone is sufficient to identify inter-session messages Addresses Codex review P1/P2 feedback on PR openclaw#30744. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 61d2d49041
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
…nter-session role - Fix inter-session provenance role rewrite to only apply to user messages - Add baseUrl to ToolsWebSearchSchema zod validation for Brave baseUrl support - Fix whitespace-only braveBaseUrl causing crash by trimming before fallback
- pi-tools.params.ts: add expandHomePrefix to normalizeToolParams so ~ expansion is preserved after upstream refactored the function out of pi-tools.read.ts (the PR's core feature was silently dropped in the conflict resolution) - input-provenance.ts: remove inter-session role rewrite (user→assistant) that broke hasInterSessionUserProvenance filters downstream; session-memory and session-utils relied on role=user to detect and skip inter-session content, so the rewrite caused cross-session content to leak into memory and history exports; provenance field alone is sufficient to identify inter-session messages Addresses Codex review P1/P2 feedback on PR openclaw#30744. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…read After rebasing onto upstream/main, the tilde-expansion cherry-pick re-introduced the normalizeToolParams/CLAUDE_PARAM_GROUPS/etc. block inline into pi-tools.read.ts. Upstream already moved these to pi-tools.params.ts (re-exported via pi-tools.read.ts), so the inline copy caused redeclared-export TS errors and an unused import. Remove the duplicate block and the now-unused expandHomePrefix import. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
c8a1567 to
02dc5a5
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 02dc5a52be
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
src/agents/pi-tools.params.ts
Outdated
| } | ||
| // Expand ~ in path | ||
| if (typeof normalized.path === "string" && normalized.path.startsWith("~")) { | ||
| normalized.path = expandHomePrefix(normalized.path); |
There was a problem hiding this comment.
Expand filesystem tool tildes using OS home, not OPENCLAW_HOME
normalizeToolParams now expands path with expandHomePrefix, but this helper defaults to resolveEffectiveHomeDir, which prefers OPENCLAW_HOME; in deployments that set OPENCLAW_HOME for app-state isolation, a user input like ~/notes.txt is rewritten to <OPENCLAW_HOME>/notes.txt instead of the account home directory, so read/write/edit calls can hit the wrong file tree (or fail workspace guards unexpectedly). This expansion should use the OS user home source (HOME/USERPROFILE/os.homedir()) for tool paths, similar to the explicit-home expansion path used in fs-safe.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ae8ba6eedb
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
src/agents/pi-tools.params.ts
Outdated
| if (typeof normalized.path === "string" && normalized.path.startsWith("~")) { | ||
| normalized.path = expandHomePrefix(normalized.path); |
There was a problem hiding this comment.
Expand fs-tool tilde paths with OS home
normalizeToolParams now expands ~ via expandHomePrefix without a home override, which makes ~/... resolve to OPENCLAW_HOME when that env var is set. In deployments that set OPENCLAW_HOME for app-state isolation, read/write/edit tool calls will target that state directory instead of the actual account home (or be blocked by workspace guards), so user file paths are rewritten to the wrong tree. This should use OS-home expansion for tool paths (as expandRelativePathWithHome does in src/infra/fs-safe.ts).
Useful? React with 👍 / 👎.
Fixes #30669. Standardizes tilde expansion across all filesystem tools by expanding ~ in normalizeToolParams (src/agents/pi-tools.read.ts).