fix(security): handle macOS symlinked system dirs
Follow-up on PR #353 to keep dangerous-path blocking correct on macOS (/etc -> /private/etc) while avoiding overblocking Windows workspaces (C:\).
This commit is contained in:
Fahad
@@ -6,10 +6,18 @@ import asyncio
|
||||
import importlib
|
||||
import os
|
||||
import sys
|
||||
import tempfile
|
||||
from pathlib import Path
|
||||
|
||||
import pytest
|
||||
|
||||
# On macOS, the default pytest temp dir is typically under /var (e.g. /private/var/folders/...).
|
||||
# If /var is considered a dangerous system path, tests must use a safe temp root (like /tmp).
|
||||
if sys.platform == "darwin":
|
||||
os.environ["TMPDIR"] = "/tmp"
|
||||
# tempfile caches the temp dir after first lookup; clear it so pytest fixtures pick up TMPDIR.
|
||||
tempfile.tempdir = None
|
||||
|
||||
# Ensure the parent directory is in the Python path for imports
|
||||
parent_dir = Path(__file__).resolve().parent.parent
|
||||
if str(parent_dir) not in sys.path:
|
||||
|
||||
Reference in New Issue
Block a user