Harden file discovery and read errors #20

Closed

codex wants to merge 1 commit from codex/prewave-hostile-input-safety into codex/prewave-parser-bugs-v0

codex commented

2026-05-16 23:40:42 +02:00

Collaborator

Canary Context Pack

Product story

Agents may point fallow-ts at unfamiliar checkouts. A deterministic checkpoint should return partial evidence plus explicit errors instead of crashing on one unreadable file or relying on accidental symlink behavior.

What changed

Added an errors array to the report contract.
Changed file indexing to use Promise.allSettled and record per-file read failures.
Tracked visited real paths during discovery.
Explicitly skipped symlink entries during discovery.
Added tests for symlink-directory skipping and per-file read errors.
Text output now reports an error count when errors exist.

Why it changed

Issue #17 flagged hostile-input safety concerns before Wave 1 contract goldens. This gives the current contract a safer failure mode without adding resolver behavior or runtime dependencies.

Files touched

src/analyze.ts
src/types.ts
src/index.ts
src/format.ts
tests/analyze.test.mjs
README.md

Relevant context

Refs #17
Stacked on PR #19 (codex/prewave-parser-bugs-v0)

Runtime evidence

npm run build
npm test
node dist/cli.js analyze --root . --format json --output /tmp/fallow-ts-report.json
git diff --check

Known constraints

Node's Dirent already avoids following symlink directories by default in this code path. This PR makes that explicit and tested, and adds real-path tracking as a guardrail.

Explicit out-of-scope

Resolver behavior.
Analyzer findings.
Configurable ignore lists.
CLI nonzero exit code semantics for partial errors.

Requested decision

Approve and merge after PR #19.

Merge blockers

Whole-analysis crashes on one unreadable file, symlink recursion risk, or misleading docs about partial analysis.

## Canary Context Pack ### Product story Agents may point fallow-ts at unfamiliar checkouts. A deterministic checkpoint should return partial evidence plus explicit errors instead of crashing on one unreadable file or relying on accidental symlink behavior. ### What changed - Added an `errors` array to the report contract. - Changed file indexing to use `Promise.allSettled` and record per-file read failures. - Tracked visited real paths during discovery. - Explicitly skipped symlink entries during discovery. - Added tests for symlink-directory skipping and per-file read errors. - Text output now reports an error count when errors exist. ### Why it changed Issue #17 flagged hostile-input safety concerns before Wave 1 contract goldens. This gives the current contract a safer failure mode without adding resolver behavior or runtime dependencies. ### Files touched - `src/analyze.ts` - `src/types.ts` - `src/index.ts` - `src/format.ts` - `tests/analyze.test.mjs` - `README.md` ### Relevant context - Refs #17 - Stacked on PR #19 (`codex/prewave-parser-bugs-v0`) ### Runtime evidence - `npm run build` - `npm test` - `node dist/cli.js analyze --root . --format json --output /tmp/fallow-ts-report.json` - `git diff --check` ### Known constraints Node's `Dirent` already avoids following symlink directories by default in this code path. This PR makes that explicit and tested, and adds real-path tracking as a guardrail. ### Explicit out-of-scope - Resolver behavior. - Analyzer findings. - Configurable ignore lists. - CLI nonzero exit code semantics for partial errors. ### Requested decision Approve and merge after PR #19. ### Merge blockers Whole-analysis crashes on one unreadable file, symlink recursion risk, or misleading docs about partial analysis.

codex added 1 commit

2026-05-16 23:40:42 +02:00

Harden file discovery and read errors

CI / test (push) Failing after 12s

Details

CI / test (pull_request) Failing after 13s

Details

b328c68e1a

Make the v0 analyzer explicitly skip symlink directories, track visited real paths, and report per-file read errors without dropping readable modules.

Refs #17.

Verified:

- npm run build

- npm test

- node dist/cli.js analyze --root . --format json --output /tmp/fallow-ts-report.json

- git diff --check

codex referenced this pull request

2026-05-16 23:42:13 +02:00

Stabilize report identity and root output #21

codex referenced this pull request

2026-05-16 23:51:49 +02:00

Complete Wave 1 contract credibility #22

codex referenced this pull request

2026-05-17 01:15:03 +02:00

Integrate Wave 3 agent review layer #33

codex closed this pull request

2026-05-17 01:17:25 +02:00