feat(linux): add CODEX_LINUX_DISABLE_EXTERNAL_OPEN_PATCH env var#690
Conversation
…kip openExternal sanitization The Linux external open env patch sanitizes Electron's environment variables before spawning xdg-open for shell.openExternal(url) calls. This works on most desktop Linux configurations but can break on Crostini and other specialized environments where env vars like DBUS_SESSION_BUS_ADDRESS or XDG_CURRENT_DESKTOP are critical for correct garcon/portal routing. Add a runtime env var check in the injected codexLinuxPatchExternalOpen function: when CODEX_LINUX_DISABLE_EXTERNAL_OPEN_PATCH=1, the patch is skipped and the original Electron shell.openExternal is used as-is. Usage: CODEX_LINUX_DISABLE_EXTERNAL_OPEN_PATCH=1 codex-desktop This follows the same convention as CODEX_LINUX_MULTI_LAUNCH for runtime behavior toggles checked in injected code.
|
Thanks for putting this together. I tested the runtime path locally and the implementation behaves as intended from what I can see: with The one thing I would still adjust is the regression coverage. The new test only checks that the env var string is present in the generated helper. For this flag, the important contract is the runtime behavior, especially because it is an explicit escape hatch around the env sanitization. I think it would be safer to add a test next to the existing Checks I ran on the PR head:
|
…NAL_OPEN_PATCH env var Add two tests next to the existing evaluatePatchedExternalOpen cases: - Verifies that CODEX_LINUX_DISABLE_EXTERNAL_OPEN_PATCH=1 delegates to the original Electron openExternal and never spawns xdg-open - Verifies that setting the env var to "0" (or any non-"1" value) still uses the sanitized xdg-open path This addresses the review feedback: ilysenko#690 (comment)
|
@Yo-DDV Thanks for the review! Added two tests! |
ilysenko
left a comment
There was a problem hiding this comment.
Looks good. The runtime escape hatch is narrow, CI is green, and the added tests cover both the disabled delegation path and the normal sanitized xdg-open path.
Summary
Adds a runtime environment variable
CODEX_LINUX_DISABLE_EXTERNAL_OPEN_PATCH=1that skips the Linux external open environment sanitization patch, falling back to the original Electronshell.openExternalbehavior.Motivation
The Linux external open env patch (
linux-external-open-env) sanitizes 19 Electron-specific env vars before spawningxdg-openforshell.openExternal(url)calls. While this prevents Electron env pollution from breakingxdg-openon standard desktops, it can break URL forwarding on Crostini and other specialized environments (e.g. Flatpak, containers) where env vars likeDBUS_SESSION_BUS_ADDRESSorXDG_CURRENT_DESKTOPare critical for correct garcon/portal routing.Previously, users on Crostini had no recourse short of forking the repo or hacking the build. This PR gives them an opt-out at runtime.
Implementation
Follows the established
CODEX_LINUX_MULTI_LAUNCHprecedent — a single env var check in the injectedcodexLinuxPatchExternalOpenfunction at runtime:The patcher (
applyLinuxExternalOpenEnvPatch) is unchanged — it always wrapsrequire(\"electron\"). The env var is checked only when the wrapped function executes, so existing builds are unaffected.Usage
Or set it in the Electron launcher wrapper / cros-garcon service override.
Testing
scripts/patches/impl/main-process/browser.test.js:require(\"electron\")is wrapped correctly