From 5cbf86f1c820669fe2ab7c30f9eb315be6d888d8 Mon Sep 17 00:00:00 2001
From: EloquentBrush0x <283442588+EloquentBrush0x@users.noreply.github.com>
Date: Mon, 18 May 2026 19:36:21 -0700
Subject: [PATCH] fix(acp): resolve /tmp symlink before workspace auto-approve
 check on macOS

Path.resolve() follows the /tmp -> /private/tmp symlink on macOS, so
str(path).startswith("/tmp/") is always False for temp-dir paths.
The "Accept Edits" (workspace_session) mode silently refused to
auto-approve every /tmp write on macOS, breaking the documented
behaviour and making the existing test fail on this platform.

Fix: keep the raw expanded path (pre-resolve) for the /tmp prefix
check and continue using the resolved form only for the cwd
relative_to() call where symlink resolution is correct behaviour.
---
 acp_adapter/edit_approval.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/acp_adapter/edit_approval.py b/acp_adapter/edit_approval.py
index 7c5fcaefd22..0ff85e3a3fe 100644
--- a/acp_adapter/edit_approval.py
+++ b/acp_adapter/edit_approval.py
@@ -154,11 +154,15 @@ def should_auto_approve_edit(proposal: EditProposal, policy: str, cwd: str | Non
     policy = str(policy or AUTO_APPROVE_ASK).strip()
     if policy == AUTO_APPROVE_ASK or _is_sensitive_auto_approve_path(proposal.path):
         return False
-    path = Path(proposal.path).expanduser().resolve(strict=False)
+    raw_path = Path(proposal.path).expanduser()
+    # resolve() follows symlinks — on macOS /tmp → /private/tmp, so the
+    # resolved form never starts with "/tmp/". Use raw_path for the /tmp
+    # check and the resolved form only for the cwd relative_to() test.
+    path = raw_path.resolve(strict=False)
     if policy == AUTO_APPROVE_SESSION:
         return True
     if policy == AUTO_APPROVE_WORKSPACE:
-        if str(path).startswith("/tmp/"):
+        if str(raw_path).startswith("/tmp/"):
             return True
         if cwd:
             root = Path(cwd).expanduser().resolve(strict=False)