potiuk opened a new pull request, #501: URL: https://github.com/apache/airflow-steward/pull/501
## Summary

- The `lychee` prek hook links macOS SecureTransport (`native-tls`), whose TLS handshake fails through the secure-agent sandbox's CONNECT proxy on **macOS 26** (`OSStatus -26276`) — even though the certs are valid, there is no MITM, and trustd is reachable. So online external-link checking cannot pass in-sandbox, and `enableWeakerNetworkIsolation` no longer rescues it on this OS. (OpenSSL/rustls clients work through the same proxy; it is SecureTransport-specific.)
- Switch the hook to **offline mode** (`offline = true` in `.lychee.toml`): it now validates only local cross-file and anchor references — the in-repo reference integrity this hook is really for. External-URL liveness (already flaky and rate-limited, hence the long ASF-infra `exclude` list) is no longer checked anywhere.
- With external link-checking gone, the wildcard link-target domains allowlisted purely so lychee could reach them are dead weight — drop them from the sandbox allowlist. Kept `*.crates.io` + `static.rust-lang.org` (still needed to *build* lychee) and `enableWeakerNetworkIsolation` (gh / gcloud / Go-tool TLS, per the schema).

## Type of change

- [x] Cross-cutting (RFC, AGENTS.md, sandbox, privacy-LLM)
- [x] Documentation (`docs/`, `README.md`, `CONTRIBUTING.md`)
- [x] CI / dev loop (`prek`, workflows, validators)

## Test plan

- [x] `prek run lychee --all-files` passes **in-sandbox, no bypass** (offline mode)
- [x] markdownlint / format pass on `.lychee.toml` + `docs/setup/secure-agent-setup.md`
- [x] Manual fixture: offline lychee catches broken local cross-file links and anchors, and excludes external URLs
- [x] `.claude/settings.json` JSON validity confirmed after domain removal

## RFC-AI-0004 compliance

- [x] **Sandbox** — net *reduction* in host access (11 wildcard link-target domains removed; no new unrestricted access)

## Linked issues

<!-- none -->

## Notes for reviewers

- Root cause is macOS 26-specific: the secure-agent sandbox's CONNECT proxy is incompatible with SecureTransport. Offline mode sidesteps it rather than fighting it; remote-link liveness can move to a Linux-only CI job later if wanted.
- The `~/.rustup` / `~/.cargo` write+read and `static.rust-lang.org` additions in the isolation-setup template fix a **pre-existing gap**: the template let the rust hook reach `*.crates.io` but never let rustup write its toolchain dirs or download the toolchain — so a clean in-sandbox setup would have failed to build lychee.
- Domains removed: `*.apache.org`, `*.anthropic.com`, `*.claude.com`, `*.mitre.org`, `*.nist.gov`, `*.github.io`, `gist.github.com`, `astral.sh`, `json.schemastore.org`, `lychee.cli.rs`, `sdkman.io`.

---
🤖 Generated with [Claude Code](https://claude.com/claude-code) (Opus 4.8).

--
This is an automated message from the Apache Git Service.
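The "manual fixture" item in the test plan is easier to reason about with a small stand-in for what offline mode leaves lychee checking. The script below is an added example, not code from the PR or from lychee: it walks a constructed markdown tree, skips external URLs (as `offline = true` does), and reports missing relative files and missing `#anchor` targets; the GitHub-style heading slug rule is an assumption.

```python
"""Offline markdown reference check: local cross-file links and anchors only."""
import re
import tempfile
from pathlib import Path

LINK_RE = re.compile(r"\[[^\]]*\]\(([^)\s]+)\)")          # [text](target)
HEADING_RE = re.compile(r"^#{1,6}\s+(.*?)\s*#*\s*$", re.MULTILINE)
EXTERNAL = ("http://", "https://", "mailto:")              # never checked offline


def slugify(heading: str) -> str:
    """Assumed GitHub-style anchor: lowercase, strip punctuation, spaces to hyphens."""
    return re.sub(r"[^\w\- ]", "", heading.strip().lower()).replace(" ", "-")


def anchors_in(path: Path) -> set[str]:
    return {slugify(h) for h in HEADING_RE.findall(path.read_text(encoding="utf-8"))}


def check_file(md: Path, root: Path) -> list[tuple[str, str, str]]:
    """Return (file, problem, target) for every broken local link in one file."""
    rel, errors = md.relative_to(root).as_posix(), []
    for target in LINK_RE.findall(md.read_text(encoding="utf-8")):
        if target.startswith(EXTERNAL):
            continue                                       # offline mode: skip liveness
        path_part, _, fragment = target.partition("#")
        dest = md if not path_part else (md.parent / path_part).resolve()
        if not dest.is_file():
            errors.append((rel, "missing file", target))
        elif fragment and fragment not in anchors_in(dest):
            errors.append((rel, "missing anchor", target))
    return errors


def check_tree(root: Path) -> list[tuple[str, str, str]]:
    return [e for md in sorted(root.rglob("*.md")) for e in check_file(md, root)]


def demo() -> list[tuple[str, str, str]]:
    """Constructed fixture: one good cross-file link, one bad file, one bad anchor, one external."""
    root = Path(tempfile.mkdtemp())
    (root / "docs").mkdir()
    (root / "README.md").write_text(
        "# Intro\n\nSee [setup](docs/setup.md#secure-agent) and [missing](docs/nope.md).\n"
        "Also [bad anchor](#no-such-heading) and [ext](https://example.invalid/x).\n",
        encoding="utf-8")
    (root / "docs" / "setup.md").write_text(
        "## Secure Agent\n\nBack to [top](../README.md#intro).\n", encoding="utf-8")
    return check_tree(root)


if __name__ == "__main__":
    for problem in demo():
        print(*problem)
```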
