omx(team): auto-checkpoint worker-1 [1]

2026-05-14 18:06:45 +00:00 · 2026-05-14 17:29:27 +09:00
parent 180ebb3b02
commit 9bc55f9946
1 changed files with 0 additions and 117 deletions
--- a/rust/crates/tools/src/lib.rs
+++ b/rust/crates/tools/src/lib.rs
@@ -9678,123 +9678,6 @@ printf 'pwsh:%s' "$1"
        registry
    }

-    #[test]
-    fn path_scope_classifies_direct_paths_inside_and_outside_workspace() {
-        let _guard = env_guard();
-        let root = temp_path("perm-path-direct");
-        fs::create_dir_all(root.join("src")).expect("create workspace");
-        fs::write(root.join("src/lib.rs"), "// ok\n").expect("write in workspace");
-        let outside = temp_path("perm-path-direct-outside.txt");
-        fs::write(&outside, "secret\n").expect("write outside file");
-        let previous = std::env::current_dir().expect("cwd");
-        std::env::set_current_dir(&root).expect("enter workspace");
-
-        assert_eq!(
-            super::classify_bash_permission("cat src/lib.rs"),
-            PermissionMode::WorkspaceWrite
-        );
-        assert_eq!(
-            super::classify_bash_permission(&format!("cat {}", outside.display())),
-            PermissionMode::DangerFullAccess
-        );
-
-        std::env::set_current_dir(previous).expect("restore cwd");
-        let _ = fs::remove_dir_all(root);
-        let _ = fs::remove_file(outside);
-    }
-
-    #[cfg(unix)]
-    #[test]
-    fn path_scope_denies_symlink_that_resolves_outside_workspace() {
-        let _guard = env_guard();
-        let root = temp_path("perm-path-symlink");
-        fs::create_dir_all(&root).expect("create workspace");
-        let outside = temp_path("perm-path-symlink-secret.txt");
-        fs::write(&outside, "secret\n").expect("write outside file");
-        std::os::unix::fs::symlink(&outside, root.join("secret-link")).expect("create symlink");
-        let previous = std::env::current_dir().expect("cwd");
-        std::env::set_current_dir(&root).expect("enter workspace");
-
-        assert_eq!(
-            super::classify_bash_permission("cat secret-link"),
-            PermissionMode::DangerFullAccess,
-            "workspace-relative symlinks resolving outside the workspace must not be downgraded to workspace-write"
-        );
-
-        std::env::set_current_dir(previous).expect("restore cwd");
-        let _ = fs::remove_dir_all(root);
-        let _ = fs::remove_file(outside);
-    }
-
-    #[test]
-    fn path_scope_denies_shell_expansion_and_glob_traversal() {
-        let _guard = env_guard();
-        let root = temp_path("perm-path-expansion");
-        fs::create_dir_all(&root).expect("create workspace");
-        let previous = std::env::current_dir().expect("cwd");
-        std::env::set_current_dir(&root).expect("enter workspace");
-
-        for command in [
-            "cat ../*",
-            "cat $PWD/../secret.txt",
-            "cat ${PWD}/../secret.txt",
-            "cat $(pwd)/../secret.txt",
-        ] {
-            assert_eq!(
-                super::classify_bash_permission(command),
-                PermissionMode::DangerFullAccess,
-                "{command} should not be treated as workspace-scoped"
-            );
-        }
-
-        std::env::set_current_dir(previous).expect("restore cwd");
-        let _ = fs::remove_dir_all(root);
-    }
-
-    #[test]
-    fn path_scope_allows_nested_worktree_paths_but_denies_parent_escape() {
-        let _guard = env_guard();
-        let root = temp_path("perm-path-worktree");
-        let worktree = root.join("main").join("linked-worktree");
-        fs::create_dir_all(worktree.join("src")).expect("create worktree");
-        fs::write(worktree.join("src/lib.rs"), "// ok\n").expect("write worktree file");
-        let previous = std::env::current_dir().expect("cwd");
-        std::env::set_current_dir(&worktree).expect("enter worktree");
-
-        assert_eq!(
-            super::classify_bash_permission("cat src/lib.rs"),
-            PermissionMode::WorkspaceWrite
-        );
-        assert_eq!(
-            super::classify_bash_permission("cat ../../outside.txt"),
-            PermissionMode::DangerFullAccess
-        );
-
-        std::env::set_current_dir(previous).expect("restore cwd");
-        let _ = fs::remove_dir_all(root);
-    }
-
-    #[test]
-    fn path_scope_denies_windows_style_absolute_paths() {
-        for command in [
-            r"cat C:\\Users\\attacker\\secret.txt",
-            r"cat C:/Users/attacker/secret.txt",
-            r"Get-Content -Path C:\\Users\\attacker\\secret.txt",
-            r"Get-Content -Path C:/Users/attacker/secret.txt",
-        ] {
-            let mode = if command.starts_with("Get-Content") {
-                super::classify_powershell_permission(command)
-            } else {
-                super::classify_bash_permission(command)
-            };
-            assert_eq!(
-                mode,
-                PermissionMode::DangerFullAccess,
-                "{command} should not be treated as workspace-scoped"
-            );
-        }
-    }
-
    #[test]
    fn given_read_only_enforcer_when_bash_then_denied() {
        let registry = read_only_registry();