diff --git a/Sources/GitwCore/GitRunner.swift b/Sources/GitwCore/GitRunner.swift index 07dc7b2..658c268 100644 --- a/Sources/GitwCore/GitRunner.swift +++ b/Sources/GitwCore/GitRunner.swift @@ -64,8 +64,14 @@ public enum GitRunner { } let nonce = randomNonce() - let dir = FileManager.default.temporaryDirectory.appendingPathComponent("gitw-\(getpid())-\(UUID().uuidString)") - try FileManager.default.createDirectory(at: dir, withIntermediateDirectories: false, attributes: [FileAttributeKey.posixPermissions: 0o700]) + // Use /tmp to keep Unix domain socket paths short enough for sockaddr_un. + // (macOS limits sun_path to ~104 bytes) + let shortId = String(UUID().uuidString.prefix(8)) + let dir = URL(fileURLWithPath: "/tmp") + .appendingPathComponent("gitw-\(getpid())-\(shortId)") + try FileManager.default.createDirectory(at: dir, + withIntermediateDirectories: false, + attributes: [FileAttributeKey.posixPermissions: 0o700]) tmpDir = dir let sock = dir.appendingPathComponent("askpass.sock").path diff --git a/Tests/GitwCoreTests/SocketPathLengthTests.swift b/Tests/GitwCoreTests/SocketPathLengthTests.swift new file mode 100644 index 0000000..50f20e4 --- /dev/null +++ b/Tests/GitwCoreTests/SocketPathLengthTests.swift @@ -0,0 +1,17 @@ +import Foundation +import Testing +@testable import GitwCore + +struct SocketPathLengthTests { + @Test + func brokerSocketPathStaysUnderUnixDomainLimit() { + // Best-effort guardrail: sockaddr_un.sun_path is ~104 bytes on macOS. + // We can't assert the OS constant easily, but we can ensure our constructed + // path is comfortably below the limit. + let pid = 12345 + let shortId = "abcdef12" + let dir = URL(fileURLWithPath: "/tmp").appendingPathComponent("gitw-\(pid)-\(shortId)") + let sock = dir.appendingPathComponent("askpass.sock").path + #expect(sock.utf8.count < 100) + } +}