ed/manual_slop
Private
Public Access
0
0
Fork 0
Code Activity
Files
b94dd85f14530bd3dfd75aa98a42f600c3ef832a
manual_slop/tests/test_no_temp_writes.py
T
ed 7baef97d2c feat(audit): add no-temp-writes audit + regression test 
Tier 2 sandbox invariant: no production script under ./scripts/ may
write to the global %TEMP% directory (C:\\Users\\Ed\\AppData\\Local\\
Temp\\). All scratch / intermediate files must live in:
- ./tests/artifacts/  (for test artifacts)
- C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2\\  (for app data)

Writing to %TEMP% breaks the sandbox boundary: the OpenCode session
fires the 'ask' prompt for paths outside the project root, halting
autonomous ops (the 2026-06-17 bug with audit_exception_handling.py
output being written to %TEMP% by the agent's shell redirection).

Convention enforcement (per conductor/workflow.md Audit Script Policy):

- scripts/audit_no_temp_writes.py: the canonical audit. Same shape
  as scripts/audit_exception_handling.py: --json for machine output,
  --strict for the CI gate (exits 1 on any violation). Patterns
  cover tempfile module, os.environ['TEMP'], C:\Users\Ed\AppData\Local\Temp, %TEMP%,
  /tmp/, etc. Excludes the throw-away archive at scripts/tier2/
  artifacts/ and itself (so it can find its own pattern defs).

- tests/test_no_temp_writes.py: default-on regression test. Calls
  the audit with --strict and asserts exit 0. If a new script
  under ./scripts/ ever uses %TEMP%, the test fails and CI breaks.

Current state: CLEAN. All 36 tier2 tests pass (1 new + 16 slash
command spec + 13 failcount + 6 opt-in). Sanity-checked: dropping
a fake 'import tempfile' script into ./scripts/ triggered exit 1
with 'FOUND 1 matches: scripts/_test_temp_check/test_uses_temp.py:1:
import tempfile'.

Future: also add a corresponding deny rule to the sandbox bash
permission in a follow-up if needed (already added in 03c9df84 for
the agent's own bash). The audit + test is the structural guard.
2026-06-17 16:30:50 -04:00

36 lines
1.4 KiB
Python
Raw Blame History

"""Default-on regression test: no script under ./scripts/ may write to
the global %TEMP% directory (C:\\Users\\Ed\\AppData\\Local\\Temp\\).
The Tier 2 sandbox is supposed to keep all scratch / intermediate
files inside its allowlist (C:\\projects\\manual_slop_tier2 +
C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2 +
C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2_failures). Writing
to the global Temp dir breaks that boundary: the OpenCode session
fires the 'ask' prompt for paths outside the project root, halting
autonomous ops.
The test delegates to scripts/audit_no_temp_writes.py --strict
which exits 1 on any violation. If this test fails, a new script
under ./scripts/ is using %TEMP% and the Tier 2 sandbox boundary
has been violated.
"""
import subprocess
from pathlib import Path
import pytest
def test_no_script_emits_to_temp() -> None:
audit = Path("scripts/audit_no_temp_writes.py").resolve()
assert audit.exists(), f"audit script missing: {audit}"
result = subprocess.run(
["uv", "run", "python", str(audit), "--strict"],
capture_output=True, text=True, timeout=60,
)
assert result.returncode == 0, (
f"audit found %TEMP% usage in scripts:\n{result.stdout}\n{result.stderr}\n\n"
f"Fix: move scratch files to tests/artifacts/ or "
f"C:\\Users\\Ed\\AppData\\Local\\manual_slop\\tier2\\ instead of %TEMP%."
)
assert "CLEAN" in result.stdout, f"unexpected audit output: {result.stdout}"
View Git Blame Copy Permalink