Auto-mount host directories referenced in wp-config.php#3099
Open
Auto-mount host directories referenced in wp-config.php#3099
Conversation
On a real WordPress server, PHP can access any path on the filesystem. Studio's WASM sandbox restricts PHP to the mounted site folder, causing plugins that reference external directories (via define() constants in wp-config.php) to silently fail. This parses wp-config.php for define() calls with absolute path values, filters to paths that exist on disk and are outside the site folder, and mounts them automatically at their real host location. Zero configuration required — developers write normal WordPress code and it works. Both mount sites are covered: - getBaseRunCLIArgs() in wordpress-server-child.ts (running server) - runWpCliCommand() in run-wp-cli-command.ts (standalone WP-CLI) Fixes #3082
chubes4
force-pushed
the
fix/auto-mount-wp-config-paths
branch
from
9893353 to
ee1227d
Compare
Collaborator
📊 Performance Test ResultsComparing bd14cf8 vs trunk app-size
site-editor
site-startup
Results are median values from multiple test runs. Legend: 🟢 Improvement (faster) | 🔴 Regression (slower) | ⚪ No change (<50ms diff) |
chubes4
added a commit
that referenced
this pull request
Apr 20, 2026
path.resolve('/etc/ssl') returns '\etc\ssl' on Windows, so the
literal '/etc/' prefix check never matched and the unit test
'should skip sensitive system paths' failed on the Windows CI agent.
Use the raw POSIX-style path captured from the regex (which is
guaranteed to start with '/') instead of the resolved path. The
sensitive-roots list is intentionally Unix-only — on a real Windows
host these paths will never exist anyway, and the existsSync() check
below is the actual safety net there.
Fixes the 'Unit Tests on windows' failure on PR #3099.
chubes4
added a commit
that referenced
this pull request
Apr 20, 2026
path.resolve('/etc/ssl') returns '\etc\ssl' on Windows, so the
literal '/etc/' prefix check never matched and the unit test
'should skip sensitive system paths' failed on the Windows CI agent.
Use the raw POSIX-style path captured from the regex (which is
guaranteed to start with '/') instead of the resolved path. The
sensitive-roots list is intentionally Unix-only — on a real Windows
host these paths will never exist anyway, and the existsSync() check
below is the actual safety net there.
Fixes the 'Unit Tests on windows' failure on PR #3099.
path.resolve('/etc/ssl') returns '\etc\ssl' on Windows, so the
literal '/etc/' prefix check never matched and the unit test
'should skip sensitive system paths' failed on the Windows CI agent.
Use the raw POSIX-style path captured from the regex (which is
guaranteed to start with '/') instead of the resolved path. The
sensitive-roots list is intentionally Unix-only — on a real Windows
host these paths will never exist anyway, and the existsSync() check
below is the actual safety net there.
Fixes the 'Unit Tests on windows' failure on PR #3099.
chubes4
force-pushed
the
fix/auto-mount-wp-config-paths
branch
from
da95589 to
bd14cf8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
On a real WordPress server with MariaDB, if you
define( 'MY_PATH', '/some/dir' )in wp-config.php, PHP can just access that path. Studio's WASM sandbox only mounts the site folder at/wordpress, so any external path silently fails —file_exists()returns false,chmod()errors,scandir()breaks.This PR makes Studio behave like a real server by auto-detecting host directories from wp-config.php and mounting them transparently.
How it works
wp-config.phpfordefine()calls with absolute path string values/etc,/var,/proc,/sys,/dev)/Users/me/Developer→/Users/me/Developer)Zero configuration required. Developers write normal WordPress code and it works.
Use case
Plugins and developer tools that operate on files outside the WordPress site folder — git workspaces, shared asset directories, build output paths, data directories, AI agent memory stores. Example:
Before this PR: PHP gets
file_exists() = falsefor that path.After this PR: PHP can read/write/list that directory normally.
Changes
tools/common/lib/wp-config-mounts.ts—getWpConfigMountPaths()utilitytools/common/lib/tests/wp-config-mounts.test.ts— 11 tests covering edge casesapps/cli/wordpress-server-child.ts— auto-mounts ingetBaseRunCLIArgs()(running server path)apps/cli/lib/run-wp-cli-command.ts— auto-mounts inrunWpCliCommand()(standalone WP-CLI path)Testing
Manually verified with a real site that has
DATAMACHINE_WORKSPACE_PATHdefined in wp-config.php:file_exists('/Users/me/Developer')falsetrue✅scandir('/Users/me/Developer')falsetrue✅falsetrue✅Fixes #3082