Skip to content

Commit 7c4805c

Browse files
BenediktSchackenbergBenediktSchackenberg
committed
style: format with prettier, restore secureTempFile helper
Signed-off-by: Benedikt Schackenberg <benedikt@schackenberg.com>
1 parent d9a54c3 commit 7c4805c

2 files changed

Lines changed: 19 additions & 4 deletions

File tree

bin/lib/onboard.js

Lines changed: 19 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,22 @@ const nim = require("./nim");
4646
const onboardSession = require("./onboard-session");
4747
const policies = require("./policies");
4848
const { checkPortAvailable, ensureSwap, getMemoryInfo } = require("./preflight");
49+
function secureTempFile(prefix, ext = "") {
50+
const dir = fs.mkdtempSync(path.join(os.tmpdir(), `${prefix}-`));
51+
return path.join(dir, `${prefix}${ext}`);
52+
}
53+
54+
/**
55+
* Safely remove a mkdtemp-created directory. Guards against accidentally
56+
* deleting the system temp root if a caller passes os.tmpdir() itself.
57+
*/
58+
function cleanupTempDir(filePath, expectedPrefix) {
59+
const parentDir = path.dirname(filePath);
60+
if (parentDir !== os.tmpdir() && path.basename(parentDir).startsWith(`${expectedPrefix}-`)) {
61+
fs.rmSync(parentDir, { recursive: true, force: true });
62+
}
63+
}
64+
4965
const EXPERIMENTAL = process.env.NEMOCLAW_EXPERIMENTAL === "1";
5066
const USE_COLOR = !process.env.NO_COLOR && !!process.stdout.isTTY;
5167
const DIM = USE_COLOR ? "\x1b[2m" : "";
@@ -683,7 +699,7 @@ function getProbeRecovery(probe, options = {}) {
683699

684700
// eslint-disable-next-line complexity
685701
function runCurlProbe(argv) {
686-
const bodyFile = path.join(os.tmpdir(), `nemoclaw-curl-probe-${Date.now()}-${Math.random().toString(36).slice(2)}.json`);
702+
const bodyFile = secureTempFile("nemoclaw-curl-probe", ".json");
687703
try {
688704
const args = [...argv];
689705
const url = args.pop();
@@ -736,7 +752,7 @@ function runCurlProbe(argv) {
736752
message: summarizeCurlFailure(error?.status || 1, error?.message || String(error)),
737753
};
738754
} finally {
739-
fs.rmSync(bodyFile, { force: true });
755+
cleanupTempDir(bodyFile, "nemoclaw-curl-probe");
740756
}
741757
}
742758

@@ -3196,7 +3212,7 @@ async function setupOpenclaw(sandboxName, model, provider) {
31963212
{ stdio: ["ignore", "ignore", "inherit"] },
31973213
);
31983214
} finally {
3199-
fs.rmSync(path.dirname(scriptFile), { recursive: true, force: true });
3215+
cleanupTempDir(scriptFile, "nemoclaw-sync");
32003216
}
32013217
}
32023218

test/onboard.test.js

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1823,5 +1823,4 @@ const { setupInference } = require(${onboardPath});
18231823
assert.match(fnBody, /isNonInteractive\(\)/);
18241824
assert.match(fnBody, /process\.exit\(1\)/);
18251825
});
1826-
18271826
});

0 commit comments

Comments
 (0)