fix(sandbox): opencode/mtr/traex/coco 沙盒下保留整个状态目录为真实路径#362
Merged
Conversation
deepcoldy
added a commit
that referenced
this pull request
Jul 4, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
背景 / 动机
#356 修复 codex 沙盒 SQLite 锁崩溃后的同型排查(申晗指定扩容 opencode/mtr,并点名 traex 等 codex 系)。这四个 CLI 都在 $HOME 下保留 SQLite/会话状态,但 authPaths 只 carve-out 单个 auth.json:
~/.local/share/opencode(opencode.db / mtr.db,均 WAL 模式)~/.trae/cli(codex 式 state_.sqlite / logs_.sqlite + sessions rollout + history.jsonl;实测 coco 也写 state_5.sqlite)实测发现(prepareSandbox 真实 bwrap 参数 + node-pty 驱动真 CLI,含交互提交消息)
与 codex「boot 即崩」不同,四个 CLI 当前版本在沙盒里 boot 和对话都健康(模型正常回复)——但存在三个现行缺陷:
~/.local/share/opencode/auth.json不存在 → 完全没 bind → 沙盒内 /connect 登录写进 upper,随沙盒销毁丢失改动
四个适配器 authPaths 从单文件扩到整个状态目录(与 codex #356 同款语义)+ 对应单测断言。
验证
三轮对照(每 CLI 观察 120–150s):
--bind;真实目录写入验证——traex 消息原文命中 history.jsonl + rollout jsonl;opencode.db / mtr.db / coco 的 state_5.sqlite-wal mtime 均落在各自测试窗口内(沙盒内 WAL 写锁正常工作)pnpm vitest run test/cli-adapters.test.ts test/sandbox.test.ts test/relay-adapter.test.ts308 通过;pnpm build绿代价 / 影响范围
这些 CLI 自身的会话/状态持久化到真实目录、不随沙盒隔离(与 auth 及 codex #356 相同);项目代码写入隔离(/land 审阅)不受影响。未开沙盒的 bot 无变化。当前线上无 sandbox+这四种 CLI 的 bot,属前置修复。