Skip to content

review: tighten comments + unsafe SAFETY note#7

Merged
CMGS merged 1 commit into
mainfrom
review/comment-tighten
Jul 9, 2026
Merged

review: tighten comments + unsafe SAFETY note#7
CMGS merged 1 commit into
mainfrom
review/comment-tighten

Conversation

@CMGS

@CMGS CMGS commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Whole-repo comment/style pass over sandbox main (/code Go, /code-rs Rust, /code-py Python). The tree was audited file-by-file; it came back already within budget, so this PR is deliberately small.

Changes

  • sandboxd/server/server.go — drop the , as before. edit-narration tail from resolveScope's godoc; the sentence is complete without it.
  • sdk/openai/.../adapter.py — remove the restated-code comment in _abs; the three-line body (Path coerce → absolute passthrough → join under manifest.root) is self-evident.
  • silkd/src/sysutil.rs — add the missing SAFETY invariant (/code-rs rule 5) on lookup_user's non-null passwd dereference: pw is non-null (checked) and, with NSS_LOCK held, points to a valid passwd whose pw_dir is a NUL-terminated string it owns. The other unsafe blocks already carry their invariant (guard comments on kill_group/signal_pid, the NSS_LOCK note on getpwnam, the F_GETFL/F_SETFL note on set_nonblocking, the openpty SAFETY block).

Audit result

Across ~95 source files the pass found only these three items — two removable comments and one genuine unsafe-justification gap. Declaration layout, logging idioms, context propagation, error handling, and English-only were all clean; no manufactured churn.

Gates

  • Rust: cargo fmt --check ✓, clippy --all-targets -D warnings on macOS ✓ and in a rust:1-slim Linux container (incl. vsock/tokio-vsock) ✓, cargo test ✓ (10 passed).
  • Go: go build/vet ✓, golangci-lint run on GOOS=linux and GOOS=darwin ✓ (0 issues), golangci-lint fmt --diff ✓.
  • Python: ruff check ✓, pytest ✓ (4 passed, Python 3.12 venv with both SDK packages editable-installed).

Whole-repo comment pass (/code /code-rs /code-py): drop the edit-narration
tail in resolveScope's godoc and the restated-code comment in _abs; add the
missing SAFETY invariant (/code-rs rule 5) on lookup_user's non-null passwd
dereference. The rest of the tree was already within budget.
@CMGS CMGS merged commit f201fef into main Jul 9, 2026
4 checks passed
@CMGS CMGS deleted the review/comment-tighten branch July 9, 2026 12:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant