more world-writable warning improvements #6389
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if let Ok(ref paths) = result | ||
| && !paths.is_empty() | ||
| { |
There was a problem hiding this comment.
The new guard in spawn_world_writable_scan uses if let Ok(ref paths) = result && !paths.is_empty(), which relies on the let_chains feature (codex-rs/tui/src/app.rs lines 654‑656). This syntax is still unstable on the Rust channel used by the repo, so the crate will not compile (rustc emits E0658: "let expressions in this position are unstable"). Please split the guard into a normal if let followed by an explicit if !paths.is_empty() (or equivalent) so the code builds on stable Rust.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
@codex The workspace pins rust-toolchain.toml:2 to 1.90.0, where let-chains are stable. This compiles just fine, all CI checks pass. Not going to change this
There was a problem hiding this comment.
Summary
- Added logging for failed world-writable scans so we record the error and still surface the warning with a
failed_scanflag when the sandbox audit cannot complete. tui/src/app.rsL640-L688 - Clarified that
windows_world_writable_flaggedtreats scan failures as unsafe by usingmap_or(true, …)and documenting why errors still trigger the warning path. tui/src/chatwidget.rsL2142-L2155
Testing
- ✅
cargo test -p codex-tui
etraut-openai
left a comment
etraut-openai
left a comment
There was a problem hiding this comment.
Looks good overall. I left one recommendation.
| let title_line = Line::from("Unprotected directories found").bold(); | ||
| let info_line = if failed_scan { | ||
| Line::from(vec
3 improvements: