fix(exec): layer session exec overrides · openclaw/openclaw@adca9a7
joshavant
·
2026-05-29
·
via Recent Commits to openclaw:main
| Original file line number | Diff line number | Diff line change |
|---|
@@ -179,6 +179,32 @@ describe("Agent-specific exec tool defaults", () => {
|
179 | 179 | ).rejects.toThrow(/allowlist miss/); |
180 | 180 | }); |
181 | 181 | |
| 182 | +it("lets session legacy exec overrides clear inherited mode", async () => { |
| 183 | +const tools = createOpenClawCodingTools({ |
| 184 | +config: { |
| 185 | +tools: { |
| 186 | +exec: { |
| 187 | +mode: "auto", |
| 188 | +safeBins: [], |
| 189 | +}, |
| 190 | +}, |
| 191 | +}, |
| 192 | +exec: { |
| 193 | +security: "deny", |
| 194 | +}, |
| 195 | +sessionKey: "agent:main:main", |
| 196 | +workspaceDir: "/tmp/test-main-session-legacy-override", |
| 197 | +agentDir: "/tmp/agent-main-session-legacy-override", |
| 198 | +}); |
| 199 | +const execTool = requireExecTool(tools); |
| 200 | + |
| 201 | +await expect( |
| 202 | +execTool.execute("call-session-legacy-override", { |
| 203 | +command: "echo denied", |
| 204 | +}), |
| 205 | +).rejects.toThrow("security=deny"); |
| 206 | +}); |
| 207 | + |
182 | 208 | it("fails closed when exec host=sandbox is requested without sandbox runtime", async () => { |
183 | 209 | const tools = createOpenClawCodingTools({ |
184 | 210 | config: {}, |
|
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。