Skip to content

Classify filesystem root and path validation failures#3607

Open
davidahmann wants to merge 1 commit intomodelcontextprotocol:mainfrom
davidahmann:codex/filesystem-error-codes
Open

Classify filesystem root and path validation failures#3607
davidahmann wants to merge 1 commit intomodelcontextprotocol:mainfrom
davidahmann:codex/filesystem-error-codes

Conversation

@davidahmann
Copy link

@davidahmann davidahmann commented Mar 16, 2026

Problem
Filesystem clients need to distinguish path-outside-roots and missing-parent failures without parsing ambiguous free-form text.

Why now
The startup path already emits machine-readable validation receipts in the built server, but validatePath still surfaced several denial classes as generic text. Tightening that taxonomy makes the reference server easier to validate in clients.

What changed

  • added stable error-code prefixes for out-of-roots, missing-parent, invalid-path, and permission-denied validation failures in validatePath
  • updated filesystem tests to assert the more explicit path-validation surface while keeping startup validation tolerant of the existing structured startup receipt

Validation

  • npm test -- __tests__/startup-validation.test.ts __tests__/lib.test.ts

Refs #3606

@davidahmann
Copy link
Author

davidahmann commented Mar 16, 2026

Operator impact: filesystem clients now get explicit path-validation classifications for out-of-roots, missing-parent, invalid-path, and permission-denied failures instead of relying on ambiguous free-form messages.

Minimal change: validatePath now emits stable code-prefixed errors and the filesystem tests were updated to assert that narrower validation surface while remaining tolerant of the existing startup receipt shape.

Validation:

  • npm test -- __tests__/startup-validation.test.ts __tests__/lib.test.ts

Risk/blocker: none in the changed path.
Inspired by research context: CAISI publishes independent, reproducible AI agent governance research: https://caisi.dev

@Chelebii
Copy link
Contributor

Chelebii commented Mar 16, 2026

Heads-up: the CI failures on Build fetch, Build git, and Build time are caused by Python lockfile drift (src/fetch/uv.lock) rather than the filesystem changes in this PR.

I opened a dedicated fix in #3598 to refresh the lockfile.

Local verification on the fix branch:

  • uv sync --locked --all-extras --dev — passed
  • uv run --frozen pyright — 0 errors
  • uv run --frozen pytest — 20 passed

Once #3598 is merged, the Python-side CI should turn green for this PR as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@davidahmann @Chelebii