refactor(box): clean up sandbox subsystem code quality and efficiency

- Fix O(n²) stderr trimming in runtime.py with running length tracker
- Remove dead code: RESERVED_CONTAINER_PATHS, _subprocess_wait_task,
  unused config_hash computation, unused imports
- Deduplicate connection callback in BoxRuntimeConnector, parse URL once
- Use enum comparison instead of stringly-typed spec.network.value check
- Replace manual _result_to_dict/_session_to_dict with model_dump()
- Cache NativeToolLoader tool definition and sandbox system guidance
- Extract _is_path_under() helper to eliminate duplicated path checks
- Import SANDBOX_EXEC_TOOL_NAME from native.py instead of redefining
- Add JSON startswith guard in logging_utils to skip futile json.loads
- Fix ruff lint errors (F401 unused imports, F841 unused variables)

youhuanghe
2026-03-22 02:28:25 +00:00
committed by WangCham
parent fbe6e145ec
commit 76fbd08680
10 changed files with 101 additions and 149 deletions

@@ -20,13 +20,6 @@ BLOCKED_HOST_PATHS = frozenset({
'/var/run/podman',
})
RESERVED_CONTAINER_PATHS = frozenset({
'/workspace',
'/tmp',
'/var/tmp',
'/run',
})
def validate_sandbox_security(spec: BoxSpec) -> None:
"""Validate that a BoxSpec does not request dangerous container config.
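
Review bot: Dropping RESERVED_CONTAINER_PATHS right above validate_sandbox_security needs more justification than "dead code". If the set was never referenced, then nothing in this validator ever checked a spec against '/workspace', '/tmp', '/var/tmp' or '/run', and deleting the constant also deletes the only record in this file that those container paths were meant to be reserved. Please either confirm that container-side paths are validated somewhere else, or add the check to validate_sandbox_security alongside BLOCKED_HOST_PATHS instead of removing the set, and state which in the commit message. A test that pins down whether a BoxSpec using one of these paths is rejected or deliberately accepted would make the intended behaviour explicit.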