ticket: close plugin fs host api
This commit is contained in:
parent
817c335f30
commit
b0ea9513e3
|
|
@ -1,8 +1,8 @@
|
|||
---
|
||||
title: 'Plugin: implement fs host API for Tool runtime'
|
||||
state: 'inprogress'
|
||||
state: 'closed'
|
||||
created_at: '2026-06-19T07:53:13Z'
|
||||
updated_at: '2026-06-19T16:15:17Z'
|
||||
updated_at: '2026-06-19T16:17:51Z'
|
||||
assignee: null
|
||||
readiness: 'implementation_ready'
|
||||
risk_flags: ['plugin', 'fs', 'host-api', 'sandbox', 'path-safety', 'permission-grants', 'file-mutation']
|
||||
|
|
|
|||
33
.yoi/tickets/00001KVFDX9AY/resolution.md
Normal file
33
.yoi/tickets/00001KVFDX9AY/resolution.md
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
Ticket `00001KVFDX9AY` is complete.
|
||||
|
||||
Completed implementation:
|
||||
- Added granted scoped filesystem `fs` host API for WASM Plugin Tools.
|
||||
- Added `PluginFsGrant { root, operations }` and `PluginFsOperation::{read,list,write}` to the Plugin grant model.
|
||||
- Implemented `yoi:fs` WASM host imports for read/list/write with response buffer handling.
|
||||
- Enforced Plugin-specific grants before filesystem access; Plugin Tools do not inherit Pod/workspace filesystem authority.
|
||||
- Added path safety for relative-only requests, traversal rejection, symlink/root escape rejection, canonical root checks, and Unix `O_NOFOLLOW` for writes.
|
||||
- Added read/list/write bounds, explicit truncation/fail-closed behavior, write serialization by normalized/canonical target, and bounded/redacted diagnostics.
|
||||
- Updated Plugin CLI inspection to show configured fs grants.
|
||||
|
||||
Reviewed / merged:
|
||||
- Implementation commit: `717c0999` (`plugin: implement fs host api`)
|
||||
- Reviewer result: approve, no blockers.
|
||||
- Reviewer noted a non-blocking future hardening context: the current implementation is path/canonicalization based and does not fully eliminate adversarial external TOCTOU races where another local process mutates granted-root directories between checks and open/read/list/write. This is accepted within the feasible scope of the initial subset.
|
||||
- Orchestrator merge commit: `c94e157b` (`merge: plugin fs host api`)
|
||||
|
||||
Validation in Orchestrator worktree:
|
||||
- `cargo fmt --check` — passed
|
||||
- `cargo check -p pod -p manifest -p yoi` — passed
|
||||
- `cargo test -p pod feature::plugin -- --nocapture` — passed; 48 passed, 0 failed
|
||||
- `cargo test -p manifest plugin -- --nocapture` — passed; 17 passed, 0 failed
|
||||
- `cargo test -p yoi plugin_cli -- --nocapture` — passed; 10 passed, 0 failed
|
||||
- `git diff --check` — passed
|
||||
- `nix build .#yoi --no-link` — passed
|
||||
|
||||
Cleanup:
|
||||
- Stopped Coder Pod `yoi-coder-00001KVFDX9AY`.
|
||||
- Stopped Reviewer Pod `yoi-reviewer-00001KVFDX9AY`.
|
||||
- Removed child worktree `/home/hare/Projects/yoi/.worktree/00001KVFDX9AY-plugin-fs-host-api`.
|
||||
- Deleted merged branch `impl/00001KVFDX9AY-plugin-fs-host-api`.
|
||||
|
||||
Root/original workspace was not read/written/merged/validated for this Ticket, per Panel Queue instruction. The completed work is integrated on the Orchestrator branch.
|
||||
|
|
@ -789,3 +789,82 @@ Conclusion:
|
|||
- Implementation satisfies the recorded Ticket acceptance criteria and is ready for merge/validation in the Orchestrator worktree.
|
||||
|
||||
---
|
||||
|
||||
<!-- event: implementation_report author: yoi-orchestrator at: 2026-06-19T16:16:56Z -->
|
||||
|
||||
## Implementation report
|
||||
|
||||
Cleanup report:
|
||||
|
||||
Plugin FS host API Ticket の implementation/review Pods と child worktree を cleanup した。
|
||||
|
||||
Stopped Pods:
|
||||
- `yoi-coder-00001KVFDX9AY`
|
||||
- `yoi-reviewer-00001KVFDX9AY`
|
||||
|
||||
Removed child implementation worktree:
|
||||
- `/home/hare/Projects/yoi/.worktree/00001KVFDX9AY-plugin-fs-host-api`
|
||||
|
||||
Deleted merged implementation branch:
|
||||
- `impl/00001KVFDX9AY-plugin-fs-host-api` at `717c0999`
|
||||
|
||||
Orchestrator branch remains the integration authority for this completed work. Root/original workspace was not touched for this Ticket, per Panel Queue instruction.
|
||||
|
||||
---
|
||||
|
||||
<!-- event: state_changed author: yoi-orchestrator at: 2026-06-19T16:17:29Z from: inprogress to: done reason: merged_validated_review_approved field: state -->
|
||||
|
||||
## State changed
|
||||
|
||||
Implementation commit `717c0999` was reviewed and approved, merged into the Orchestrator branch as `c94e157b`, validated in the Orchestrator worktree, and child implementation resources were cleaned up. Requirements and acceptance criteria are satisfied for this Ticket. Root/original workspace was not operated on for this Ticket per Panel Queue instruction.
|
||||
|
||||
---
|
||||
|
||||
<!-- event: state_changed author: hare at: 2026-06-19T16:17:51Z from: done to: closed reason: closed field: state -->
|
||||
|
||||
## State changed
|
||||
|
||||
Ticket を closed にしました。
|
||||
|
||||
|
||||
---
|
||||
|
||||
<!-- event: close author: hare at: 2026-06-19T16:17:51Z status: closed -->
|
||||
|
||||
## 完了
|
||||
|
||||
Ticket `00001KVFDX9AY` is complete.
|
||||
|
||||
Completed implementation:
|
||||
- Added granted scoped filesystem `fs` host API for WASM Plugin Tools.
|
||||
- Added `PluginFsGrant { root, operations }` and `PluginFsOperation::{read,list,write}` to the Plugin grant model.
|
||||
- Implemented `yoi:fs` WASM host imports for read/list/write with response buffer handling.
|
||||
- Enforced Plugin-specific grants before filesystem access; Plugin Tools do not inherit Pod/workspace filesystem authority.
|
||||
- Added path safety for relative-only requests, traversal rejection, symlink/root escape rejection, canonical root checks, and Unix `O_NOFOLLOW` for writes.
|
||||
- Added read/list/write bounds, explicit truncation/fail-closed behavior, write serialization by normalized/canonical target, and bounded/redacted diagnostics.
|
||||
- Updated Plugin CLI inspection to show configured fs grants.
|
||||
|
||||
Reviewed / merged:
|
||||
- Implementation commit: `717c0999` (`plugin: implement fs host api`)
|
||||
- Reviewer result: approve, no blockers.
|
||||
- Reviewer noted a non-blocking future hardening context: the current implementation is path/canonicalization based and does not fully eliminate adversarial external TOCTOU races where another local process mutates granted-root directories between checks and open/read/list/write. This is accepted within the feasible scope of the initial subset.
|
||||
- Orchestrator merge commit: `c94e157b` (`merge: plugin fs host api`)
|
||||
|
||||
Validation in Orchestrator worktree:
|
||||
- `cargo fmt --check` — passed
|
||||
- `cargo check -p pod -p manifest -p yoi` — passed
|
||||
- `cargo test -p pod feature::plugin -- --nocapture` — passed; 48 passed, 0 failed
|
||||
- `cargo test -p manifest plugin -- --nocapture` — passed; 17 passed, 0 failed
|
||||
- `cargo test -p yoi plugin_cli -- --nocapture` — passed; 10 passed, 0 failed
|
||||
- `git diff --check` — passed
|
||||
- `nix build .#yoi --no-link` — passed
|
||||
|
||||
Cleanup:
|
||||
- Stopped Coder Pod `yoi-coder-00001KVFDX9AY`.
|
||||
- Stopped Reviewer Pod `yoi-reviewer-00001KVFDX9AY`.
|
||||
- Removed child worktree `/home/hare/Projects/yoi/.worktree/00001KVFDX9AY-plugin-fs-host-api`.
|
||||
- Deleted merged branch `impl/00001KVFDX9AY-plugin-fs-host-api`.
|
||||
|
||||
Root/original workspace was not read/written/merged/validated for this Ticket, per Panel Queue instruction. The completed work is integrated on the Orchestrator branch.
|
||||
|
||||
---
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user