fix(snapshot): make vfs_restore fail closed and apply atomically

[chaliy]

Closes #1576.

Summary

restore_snapshot_inner previously restored shell state first and then called fs.vfs_restore(...) ignoring its boolean return. The FileSystemExt contract returned false for unsupported restore, and InMemoryFs::restore returned early without clearing on validation failure. A forged unkeyed snapshot whose VFS section failed path validation therefore returned Ok after mutating the shell state, while leaving previous-tenant files readable in the VFS — a half-restored, cross-tenant leak.

Fix

• FileSystemExt::vfs_restore now returns crate::Result<()>. The default impl returns Err(Unsupported); InMemoryFs/OverlayFs/MountableFs propagate the inner result.
• InMemoryFs::restore returns Result<()> with the underlying limit error.
• restore_snapshot_inner reordered to: validate shell limits → apply VFS (can fail) → apply shell state (cannot fail past validation). Mutation order guarantees no half-restored state.

Tests

New integration test snapshot_restore_fails_closed_on_malformed_vfs forges a poisoned VFS path inside an otherwise valid snapshot and asserts:

• restore_snapshot returns Err.
• Shell variable values are unchanged.
• Previous-tenant VFS contents remain intact.

Existing snapshot tests updated to handle the new Result return on InMemoryFs::restore.

Test plan

• cargo test -p bashkit --test snapshot_tests (38/38 passing)
• cargo test -p bashkit --lib fs::memory (49/49 passing)
• cargo test -p bashkit --lib --no-default-features (2207 passing)
• cargo fmt --all -- --check
• cargo clippy -p bashkit --all-features --all-targets -- -D warnings

---

Generated by Claude Code

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	bashkit	c4757fb	Commit Preview URL Branch Preview URL	May 07 2026, 04:22 AM