release: feat/ai-sre → main (webfetch non-2xx status banner)#70
Merged
Conversation
Skill zips normalized by older fc-safari builds carry entries with no mode bits: a directory entry reads back as 0666 (no execute bit), and honoring it verbatim creates an un-traversable staging dir — every file inside then fails with EACCES (prod skill-load failures, 2026-06-11). Clamp dirs to owner-rwx and files to owner-rw so such archives still install; archives with sane modes are unaffected.
The runner's webfetch read and converted the response body regardless of status code, so a 401/403 auth wall, a redirect-to-login, or any 4xx/5xx error page was turned into markdown and returned/spilled as if it were real page content. fc-safari's localWebFetch already rejects non-2xx; the runner path (used by ai-sre cloud sandboxes) did not. Add a status-code guard in fetchBody right after Do() succeeds and before the body is read/converted. The client already follows redirects via safeCheckRedirect (max 5 hops), so the checked response is terminal.
Dropping the entire body on non-2xx loses valuable content: APIs commonly
return non-2xx with a useful JSON error body (400/422/404 with {"error":...}).
The 123K login page from the audit was HTTP 200, so it never reached this
path anyway — on the non-2xx path the body is almost always worth keeping.
Make it lossless instead of rejecting:
- fetchedPage gains a statusCode field; fetchBody always reads the body and
records resp.StatusCode (no early return on non-2xx).
- WebFetch prepends an [HTTP <code> <text>] banner to the processed content
when the status is non-2xx, so the agent sees BOTH the error status AND the
body. The banner is added after Process so it stays visible even when the
body spilled to a file.
Test now asserts the opposite of before: a 403/404/500 response is preserved
(no error, body returned, statusCode matches).
…webfetch-non2xx-error fix(webfetch): flag non-2xx responses with a status banner (keep the body)
fix(environment): clamp zip entry modes during skill extraction
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Promote the merged audit fix #69 to main for the v0.0.21 release.
[HTTP <code> <text>]status banner so the agent sees both the error status and the content. Was: returned the body with no error signal.feat/ai-sre is exactly main + #69 (CI green). Authorized by Boss for this main-trunk repo.