Skip to content

Comments

fix: filter gitignored files from sandbox commit and modified-file detection#154

Open
it-baron wants to merge 1 commit intomichaelshimeles:mainfrom
it-baron:fix-sandbox-gitignore-filtering
Open

fix: filter gitignored files from sandbox commit and modified-file detection#154
it-baron wants to merge 1 commit intomichaelshimeles:mainfrom
it-baron:fix-sandbox-gitignore-filtering

Conversation

@it-baron
Copy link

Summary

  • Prevents OS/build artifacts (.DS_Store, node_modules, dist, __pycache__, .tsbuildinfo, Thumbs.db) from being staged and committed by sandbox agents
  • Adds a two-layer filtering approach: fast static skip-list in getModifiedFiles() + git check-ignore validation before staging in commitSandboxChanges()
  • Adds comprehensive test suites for both sandbox.ts and sandbox-git.ts

Problem

When agents run inside sandboxes, getModifiedFiles() would report OS metadata files (.DS_Store) and build artifacts (node_modules/, dist/, __pycache__/, *.tsbuildinfo) as modified. These would then be staged and committed by commitSandboxChanges(), producing noisy diffs and sometimes causing commit failures when .gitignore rules rejected them at staging time.

Solution

Layer 1 - Static pre-filter (sandbox.ts)

Added ALWAYS_SKIP_NAMES and ALWAYS_SKIP_EXTENSIONS sets with a shouldSkipEntry() helper. getModifiedFiles() now skips these entries at any directory depth during its recursive walk, avoiding unnecessary file-system comparisons entirely.

Layer 2 - Git-aware filter (sandbox-git.ts)

Before calling git add, commitSandboxChanges() now runs git check-ignore on the modified file list and removes any files the repo's .gitignore would reject. If all files are ignored, it returns early with { success: true, branchName: "", filesCommitted: 0 } instead of creating an empty commit.

Changes

File What changed
cli/src/execution/sandbox.ts Added ALWAYS_SKIP_NAMES, ALWAYS_SKIP_EXTENSIONS, shouldSkipEntry(), and integrated into getModifiedFiles()
cli/src/execution/sandbox-git.ts Added git check-ignore filtering and early-return when all files are ignored
cli/src/execution/sandbox.test.ts New - 15 tests covering modified-file detection, skip-list behavior, symlinks, and edge cases
cli/src/execution/sandbox-git.test.ts New - 8 tests covering commit workflow, gitignore filtering, nested dirs, branch naming, and error recovery

Test plan

  • Unit tests for getModifiedFiles() skip-list behavior (.DS_Store, node_modules, dist, __pycache__, .tsbuildinfo, Thumbs.db at root and nested levels)
  • Unit tests for commitSandboxChanges() gitignore filtering (mixed valid/ignored files, all-ignored early return, nested directories)
  • Tests verify agents return to the original branch after commit or error
  • Manual: run a sandbox agent on a repo with .DS_Store files and verify they are excluded from the commit

cc @michaelshimeles

…tection

Agents running in sandboxes would stage and commit OS/build artifacts
(.DS_Store, node_modules, dist, __pycache__, .tsbuildinfo) causing
noisy diffs and failed commits. This change:

- sandbox.ts: adds ALWAYS_SKIP_NAMES/ALWAYS_SKIP_EXTENSIONS sets and
  shouldSkipEntry() to pre-filter commonly gitignored entries in
  getModifiedFiles() at any directory depth
- sandbox-git.ts: runs git check-ignore on modified files before staging
  and gracefully handles the case when all files are ignored
- Adds comprehensive tests for both modules
@vercel
Copy link

vercel bot commented Feb 16, 2026

@it-baron is attempting to deploy a commit to the Goshen Labs Team on Vercel.

A member of the Team first needs to authorize it.

@dosubot
Copy link

dosubot bot commented Feb 16, 2026

Related Documentation

Checked 30 published document(s) in 1 knowledge base(s). No updates required.

How did I do? Any feedback?  Join Discord

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 16, 2026

Greptile Summary

This PR implements a two-layer filtering system to prevent OS metadata files (.DS_Store, Thumbs.db) and build artifacts (node_modules, dist, __pycache__, .tsbuildinfo) from being committed by sandbox agents. Layer 1 uses a static skip-list in getModifiedFiles() to avoid detecting these files, and Layer 2 uses git check-ignore in commitSandboxChanges() to filter out any repository-specific gitignored files before staging.

Key changes:

  • Added ALWAYS_SKIP_NAMES and ALWAYS_SKIP_EXTENSIONS sets with shouldSkipEntry() helper in sandbox.ts
  • Integrated skip-list checks into getModifiedFiles() recursive directory scanner
  • Added git check-ignore filtering in commitSandboxChanges() before staging files
  • Early-return when all files are gitignored to avoid empty commits
  • Comprehensive test suites for both modules (15 tests for sandbox.ts, 8 tests for sandbox-git.ts)

Issues found:

  • commitSandboxChanges() logs and returns modifiedFiles.length instead of filesToStage.length, causing incorrect file count reporting when files are filtered out

Confidence Score: 4/5

  • This PR is safe to merge with minor bug fixes needed
  • The implementation is sound with thorough test coverage (23 tests total), but has two logical bugs in sandbox-git.ts where it reports modifiedFiles.length instead of filesToStage.length, causing incorrect counts when files are filtered. The core filtering logic is correct and well-tested.
  • cli/src/execution/sandbox-git.ts needs the logging and return value fixes for accurate file counts

Important Files Changed

Filename Overview
cli/src/execution/sandbox.ts Adds static skip-list (.DS_Store, node_modules, dist, etc.) to prevent OS/build artifacts from being detected as modified files
cli/src/execution/sandbox-git.ts Adds git check-ignore filtering before staging, with early-return when all files are ignored; has a minor logging inconsistency issue
cli/src/execution/sandbox.test.ts Comprehensive test coverage for getModifiedFiles() skip-list behavior, symlinks, and edge cases
cli/src/execution/sandbox-git.test.ts Thorough tests for commitSandboxChanges() gitignore filtering, nested directories, branch naming, and error recovery

Flowchart

flowchart TD
    A[Agent modifies files in sandbox] --> B[getModifiedFiles called]
    B --> C{Check file/dir name}
    C -->|In ALWAYS_SKIP_NAMES| D[Skip - Layer 1 filter]
    C -->|Has ALWAYS_SKIP_EXTENSIONS| D
    C -->|Not in skip list| E[Add to modifiedFiles list]
    
    E --> F[commitSandboxChanges called]
    F --> G{modifiedFiles.length > 0?}
    G -->|No| H[Return success with empty branch]
    G -->|Yes| I[Create new branch]
    
    I --> J[Copy files from sandbox to original]
    J --> K[Run git check-ignore on files]
    K --> L{Any files ignored?}
    L -->|Yes| M[Filter out ignored files - Layer 2]
    L -->|No| N[Keep all files]
    
    M --> O{filesToStage.length > 0?}
    N --> O
    O -->|No| P[Return success with empty branch]
    O -->|Yes| Q[Stage filesToStage]
    Q --> R[Create commit]
    R --> S[Return to original branch]
Loading

Last reviewed commit: 6646bc3

Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

4 files reviewed, 2 comments

Edit Code Review Agent Settings | Greptile

@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 16, 2026

Additional Comments (2)

cli/src/execution/sandbox-git.ts
logs modifiedFiles.length but actually staging only filesToStage.length files

			logDebug(`Agent ${agentNum}: Committed ${filesToStage.length} files to ${branchName}`);
Prompt To Fix With AI
This is a comment left during a code review.
Path: cli/src/execution/sandbox-git.ts
Line: 139:139

Comment:
logs `modifiedFiles.length` but actually staging only `filesToStage.length` files

```suggestion
			logDebug(`Agent ${agentNum}: Committed ${filesToStage.length} files to ${branchName}`);
```

How can I resolve this? If you propose a fix, please make it concise.

cli/src/execution/sandbox-git.ts
returns modifiedFiles.length but should return filesToStage.length since some files may have been filtered out

				filesCommitted: filesToStage.length,
Prompt To Fix With AI
This is a comment left during a code review.
Path: cli/src/execution/sandbox-git.ts
Line: 147:147

Comment:
returns `modifiedFiles.length` but should return `filesToStage.length` since some files may have been filtered out

```suggestion
				filesCommitted: filesToStage.length,
```

How can I resolve this? If you propose a fix, please make it concise.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant