Skip to content

[codex] Report structured Git status refusals#30863

Open
bookholt-oai wants to merge 18 commits into
codex/psec-4394-git-06-merge-guardfrom
codex/psec-4396-git-07-status-guard
Open

[codex] Report structured Git status refusals#30863
bookholt-oai wants to merge 18 commits into
codex/psec-4394-git-06-merge-guardfrom
codex/psec-4396-git-07-status-guard

Conversation

@bookholt-oai

@bookholt-oai bookholt-oai commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Why

Workspace change detection currently reduces Git failures to an unavailable boolean. It can also let git status select a repository-configured executable filter before the caller knows whether the read is safe.

Callers need a safe status result or a useful explanation of why one was unavailable.

Approach

Add try_get_has_changes, which returns either the change result or a structured GitReadError. Keep the existing get_has_changes wrapper for callers that still want best-effort behavior.

Run preparation and the final status read through one trusted, repository-authorized Git runner. Preserve the caller's original path while discovering repository authority so a symlink cannot hide an enclosing repository. Reuse the stack's configuration and filter checks, and skip the expensive path scan when no filter driver exists.

The final command is fixed to git status --porcelain --ignore-submodules=dirty, with hooks disabled and executable filters neutralized. One deadline covers the whole operation, output is bounded, and cancellation stops the active child.

Turn metadata reports has_changes_unavailable_reason when the safe read cannot be completed, instead of silently reporting a clean workspace.

This PR is stacked on #30854 and should land after it.

Testing

  • All 281 codex-git-utils tests passed.
  • Focused core tests cover structured refusal serialization, non-UTF-8 repository paths, metadata lineage, and streamed turn metadata.
  • Bazel, Clippy, argument-lint, formatting, and diff checks passed.

@bookholt-oai bookholt-oai marked this pull request as ready for review July 1, 2026 19:59
@bookholt-oai bookholt-oai requested a review from a team as a code owner July 1, 2026 19:59

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 52b2106666

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread codex-rs/git-utils/src/safe_git.rs Outdated
@bookholt-oai bookholt-oai marked this pull request as draft July 2, 2026 01:02
@bookholt-oai bookholt-oai marked this pull request as ready for review July 2, 2026 20:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant