mrtoth/agent-sandbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Default to whitelist mode and parallelize tests

Browse Source 
Flips the default sandbox mode from blacklist to whitelist and
replaces the global RUST_TEST_THREADS=1 with a targeted RwLock
that only serializes blacklist sandboxes against tests mutating
glob-matching host paths. A new Sandbox newtype acquires the
guard automatically when --blacklist is in args.
This commit is contained in:
Kristóf Tóth
2026-04-27 08:18:41 +02:00
parent c77dbc10c3
commit 6e81866226
12 changed files with 158 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/unit/config.rs
+1 -1
View File
@@ -405,7 +405,7 @@ fn build_cli_command_overrides_config() {
#[test]
fn build_no_file_config() {
let config = build(args_with_command(), None).unwrap();
assert!(matches!(config.mode, SandboxMode::Blacklist));
assert!(matches!(config.mode, SandboxMode::Whitelist));
assert!(!config.hardened);
}