Route agent-generated files into /workspace/Output#42
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 50ffbc9026
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if output_redirect_enabled and normalized_key in GENERATED_FILE_OUTPUT_ARG_KEYS: | ||
| mapped[key] = _map_generated_output_tool_path_value(value, root) |
There was a problem hiding this comment.
Allow write tools to edit existing workspace files
This branch unconditionally redirects every write_file/create_directory path key into Output, so a normal edit like repo_write_file on /workspace/README.md is rewritten to <project>/Output/README.md and the real target file is never modified. That breaks code-change workflows and contradicts the stated contract that existing project files can still be edited in place.
Useful? React with 👍 / 👎.
| relative = PurePosixPath(normalized) | ||
| if relative.parts and relative.parts[0] == output_name: | ||
| return str((project_root / Path(*relative.parts)).resolve()) | ||
| return str((project_root / AGENT_OUTPUT_DIRECTORY / Path(*relative.parts)).resolve()) |
There was a problem hiding this comment.
Keep redirected relative paths inside Output
The relative-path redirect uses .resolve() without a containment check, so inputs containing .. can escape Output (for example ../README.md resolves to the repo root). This creates a path traversal that defeats the Output isolation goal and allows unintended overwrites outside the generated-files directory.
Useful? React with 👍 / 👎.
|
|
||
| [model] | ||
| provider = "openai_compatible" | ||
| base_url = "http://10.0.1.152:1234/v1" |
There was a problem hiding this comment.
Restore reachable default model endpoint
The committed default config points base_url at http://10.0.1.152:1234/v1, which is a machine-specific LAN address and will be unreachable for most users. With this as the active [model] block, a fresh run fails to connect until users manually patch config, whereas the prior loopback default worked out of the box for local servers.
Useful? React with 👍 / 👎.
Summary
Output/workspace target for agent-generated files and document it inREADME.mdandchainlit.md./workspace/Output/while preserving normal access to existing repo files.deepagent.tomlto point at the LM Studio endpoint used in this branch.Testing