Localize sandbox thread quota enforcement to sandbox imports by seanwevans · Pull Request #195 · seanwevans/PyIsolate

seanwevans · 2026-04-21T12:24:19Z

Prevent global mutation of threading.Thread.start which could affect non-sandbox host threads.
Keep child-thread quota/accounting enforced for sandboxed code while ensuring host threads remain untouched.

Replace the global threading.Thread.start patch with a sandbox-scoped Thread subclass factory via _make_sandbox_thread_class that implements quota checks and accounting.
Return a wrapped threading module from _wrap_module(...) when sandboxed code imports threading, with Thread set to the sandbox-scoped class so only sandbox imports are affected.
Remove the global patch/unpatch operations from the sandbox run loop so non-sandbox threads are never modified.
Add a regression test test_sandbox_threading_patch_is_local_and_does_not_touch_global_start in tests/test_thread_extra.py to verify host threads run concurrently and that threading.Thread.start identity never changes globally.

Ran pytest -q tests/test_thread_extra.py tests/test_thread_quota.py, all tests passed: 13 passed.
The new regression test verifies no global behavior bleed while sandbox spawns threads and host threads continue using the original threading.Thread.start.

Localize sandbox thread quota enforcement

e50498a

seanwevans added the codex label Apr 21, 2026 — with ChatGPT Codex Connector

seanwevans merged commit 9261b9e into main Apr 21, 2026
9 of 19 checks passed

seanwevans deleted the codex/refactor-thread-management-for-sandbox branch April 21, 2026 12:25

Provide feedback