langchain-agentcore-codeinterpreter 0.0.2__tar.gz → 0.0.4__tar.gz

{langchain_agentcore_codeinterpreter-0.0.2 → langchain_agentcore_codeinterpreter-0.0.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: langchain-agentcore-codeinterpreter
-Version: 0.0.2
+Version: 0.0.4
 Summary: Amazon Bedrock AgentCore Code Interpreter sandbox integration for Deep Agents
 Project-URL: Source Code, https://github.com/langchain-ai/langchain-aws/tree/main/libs/agentcore-codeinterpreter
 Project-URL: Repository, https://github.com/langchain-ai/langchain-aws

{langchain_agentcore_codeinterpreter-0.0.2 → langchain_agentcore_codeinterpreter-0.0.4}/langchain_agentcore_codeinterpreter/sandbox.py

@@ -32,6 +32,21 @@ _AGENTCORE_EXECUTOR = ThreadPoolExecutor(
 )
 
 
+def _normalize_relative_path(path: str) -> str:
+    """Strip leading slashes and ``./`` prefixes to a canonical relative path.
+
+    Args:
+        path: File path (absolute or relative).
+
+    Returns:
+        Canonical relative path string with no leading ``/`` or ``./``.
+    """
+    path = path.lstrip("/")
+    while path.startswith("./"):
+        path = path[2:]
+    return path
+
+
 class SessionExpiredError(Exception):
     """Raised when the AgentCore session has expired or been terminated."""
 
@@ -104,8 +119,7 @@ def _extract_files_from_stream(
     """
     path_lookup: dict[str, str] = {}
     for path in requested_paths:
-        stripped = path.lstrip("/")
-        path_lookup[stripped] = path
+        path_lookup[_normalize_relative_path(path)] = path
 
     files: dict[str, bytes] = {}
 
@@ -117,13 +131,16 @@ def _extract_files_from_stream(
                 continue
             resource = item.get("resource", {})
             uri = resource.get("uri", "")
-            file_path = uri.replace("file://", "").lstrip("/")
+            file_path = _normalize_relative_path(uri.replace("file://", ""))
 
             content: bytes | None = None
             if "text" in resource:
                 content = resource["text"].encode("utf-8")
             elif "blob" in resource:
-                content = base64.b64decode(resource["blob"])
+                blob = resource["blob"]
+                # The AgentCore stream may deliver blob as already-decoded bytes.
+                # Only base64-decode when it arrives as encoded text.
+                content = blob if isinstance(blob, bytes) else base64.b64decode(blob)
 
             if content is not None:
                 original_path = path_lookup.get(file_path, file_path)
@@ -150,6 +167,15 @@ class AgentCoreSandbox(BaseSandbox):
     The caller is responsible for managing the interpreter lifecycle
     (``start()`` / ``stop()``).
 
+    !!! note
+
+        When the sandbox working directory is not ``/`` (e.g.
+        ``/opt/amazon/genesis1p-tools/var/``), paths must be resolved
+        against the real cwd before shell preflight commands and stripped of
+        the cwd prefix before the AgentCore ``writeFiles``/``readFiles`` APIs.
+        Pass the known cwd via the ``cwd`` constructor argument, or let the
+        sandbox detect it automatically on the first ``write()`` call.
+
     Example:
         .. code-block:: python
 
@@ -168,25 +194,113 @@ class AgentCoreSandbox(BaseSandbox):
             interpreter.stop()
     """
 
-    def __init__(self, *, interpreter: CodeInterpreter) -> None:
+    def __init__(
+        self,
+        *,
+        interpreter: CodeInterpreter,
+        cwd: str | None = None,
+    ) -> None:
         """Create a backend wrapping an active CodeInterpreter session.
 
         Args:
             interpreter: A started :class:`CodeInterpreter` instance.
+            cwd: The sandbox working directory (e.g.
+                ``"/opt/amazon/genesis1p-tools/var"``). When provided,
+                ``write()`` uses it to resolve virtual paths to real absolute
+                paths and to strip the prefix before the AgentCore
+                ``writeFiles`` API. When omitted, the cwd is detected
+                automatically on the first ``write()`` call via ``pwd``.
         """
         self._interpreter = interpreter
+        self._cwd: str | None = cwd.rstrip("/") if cwd is not None else None
+
+    def _get_cwd(self) -> str:
+        """Return the sandbox working directory, detecting it lazily if needed.
+
+        Returns:
+            The working directory with any trailing slash stripped.
+        """
+        if self._cwd is None:
+            result = self.execute("pwd")
+            if result.exit_code != 0 or not result.output.strip():
+                raise RuntimeError(
+                    f"Failed to detect sandbox working directory: "
+                    f"exit_code={result.exit_code}, output={result.output!r}"
+                )
+            self._cwd = result.output.strip().rstrip("/")
+        return self._cwd
+
+    def _to_relative_path(self, path: str) -> str:
+        """Strip the cwd prefix (or leading slashes) for AgentCore file APIs.
 
-    @staticmethod
-    def _to_relative_path(path: str) -> str:
-        """Strip leading slashes so paths are relative for AgentCore APIs.
+        When the sandbox cwd is known and ``path`` starts with it, the cwd
+        prefix is removed so the AgentCore ``writeFiles``/``readFiles`` APIs
+        receive a cwd-relative path. For paths that do not start with the cwd,
+        the standard leading-slash stripping is applied.
 
         Args:
             path: File path (absolute or relative).
 
         Returns:
-            Relative path string.
+            Path relative to the sandbox cwd, with no leading ``/`` or ``./``.
         """
-        return path.lstrip("/")
+        if self._cwd is not None:
+            cwd_prefix = self._cwd + "/"
+            if path.startswith(cwd_prefix):
+                return path[len(cwd_prefix) :]
+        return _normalize_relative_path(path)
+
+    def _to_absolute_path(self, path: str) -> str:
+        """Resolve a path to a real absolute path under the sandbox cwd.
+
+        Paths already under the cwd are returned unchanged. Virtual paths
+        (e.g. ``/workspace/hello.py``) and relative paths are prepended with
+        the cwd so that shell commands (``makedirs``, etc.) operate on the
+        real filesystem location.
+
+        Args:
+            path: File path to resolve.
+
+        Returns:
+            Absolute path under the sandbox cwd.
+        """
+        cwd = self._get_cwd()
+        if not cwd:
+            return path
+        if path.startswith(cwd + "/") or path == cwd:
+            return path
+        return cwd + "/" + path.lstrip("/")
+
+    def write(self, file_path: str, content: str) -> WriteResult:
+        """Create a new file in the sandbox, failing if it already exists.
+
+        Normalizes ``file_path`` to a real absolute path under the sandbox cwd
+        before the preflight shell command (so ``makedirs`` operates on the
+        correct location) and before uploading (so the AgentCore ``writeFiles``
+        API receives a cwd-relative path rather than a doubled absolute path).
+
+        Args:
+            file_path: Destination path for the new file. May be a real
+                absolute path under the sandbox cwd, a virtual absolute path
+                (e.g. ``/workspace/hello.py``), or a relative path.
+            content: UTF-8 text content to write.
+
+        Returns:
+            ``WriteResult`` with ``path`` set to the resolved absolute path on
+            success, or ``error`` on failure.
+        """
+        abs_path = self._to_absolute_path(file_path)
+        preflight_error = self._write_preflight(abs_path)
+        if preflight_error is not None:
+            return preflight_error
+        responses = self.upload_files([(abs_path, content.encode("utf-8"))])
+        assert responses, "upload_files returned no responses"
+        response = responses[0]
+        if response.error:
+            return WriteResult(
+                error=f"Failed to write file '{abs_path}': {response.error}"
+            )
+        return WriteResult(path=abs_path)
 
     def _invoke(self, method: str, params: dict[str, Any]) -> dict[str, Any]:
         """Invoke the interpreter and eagerly consume the response stream.
@@ -294,19 +408,20 @@ class AgentCoreSandbox(BaseSandbox):
             as the input paths.
         """
         try:
+            self._get_cwd()
             relative_paths = [self._to_relative_path(p) for p in paths]
             response = self._invoke(
                 method="readFiles", params={"paths": relative_paths}
             )
-            file_contents = _extract_files_from_stream(response, paths)
+            file_contents = _extract_files_from_stream(response, relative_paths)
 
             return [
                 FileDownloadResponse(
-                    path=path,
-                    content=file_contents.get(path),
-                    error=None if path in file_contents else "file_not_found",
+                    path=original,
+                    content=file_contents.get(rel),
+                    error=None if rel in file_contents else "file_not_found",
                 )
-                for path in paths
+                for original, rel in zip(paths, relative_paths)
             ]
         except SessionExpiredError:
             logger.error("AgentCore session expired while downloading files: %s", paths)

{langchain_agentcore_codeinterpreter-0.0.2 → langchain_agentcore_codeinterpreter-0.0.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "langchain-agentcore-codeinterpreter"
-version = "0.0.2"
+version = "0.0.4"
 description = "Amazon Bedrock AgentCore Code Interpreter sandbox integration for Deep Agents"
 readme = "README.md"
 license = "MIT"
@@ -46,7 +46,7 @@ dev = [
 ]
 
 [tool.uv]
-prerelease = "allow"
+prerelease = "if-necessary-or-explicit"
 
 [tool.ruff.lint]
 select = [

{langchain_agentcore_codeinterpreter-0.0.2 → langchain_agentcore_codeinterpreter-0.0.4}/tests/unit_tests/test_sandbox.py

@@ -24,15 +24,16 @@ from langchain_agentcore_codeinterpreter.sandbox import (
 def _make_sandbox(
     invoke_return: dict[str, Any] | None = None,
     session_id: str = "test-session-123",
+    cwd: str | None = None,
 ) -> tuple[AgentCoreSandbox, MagicMock]:
     """Create a sandbox with a mocked interpreter."""
     interpreter = MagicMock()
     interpreter.session_id = session_id
     interpreter.invoke.return_value = invoke_return or {"stream": []}
-    return AgentCoreSandbox(interpreter=interpreter), interpreter
+    return AgentCoreSandbox(interpreter=interpreter, cwd=cwd), interpreter
 
 
-def _make_expired_sandbox() -> tuple[AgentCoreSandbox, MagicMock]:
+def _make_expired_sandbox(cwd: str | None = None) -> tuple[AgentCoreSandbox, MagicMock]:
     """Create a sandbox whose interpreter raises ResourceNotFoundException."""
     interpreter = MagicMock()
     interpreter.session_id = "expired-session"
@@ -45,7 +46,7 @@ def _make_expired_sandbox() -> tuple[AgentCoreSandbox, MagicMock]:
         },
         "InvokeCodeInterpreter",
     )
-    return AgentCoreSandbox(interpreter=interpreter), interpreter
+    return AgentCoreSandbox(interpreter=interpreter, cwd=cwd), interpreter
 
 
 # ------------------------------------------------------------------
@@ -195,7 +196,8 @@ def test_download_files() -> None:
                     }
                 }
             ]
-        }
+        },
+        cwd="/",
     )
     results = sandbox.download_files(["/test.txt"])
     mock.invoke.assert_called_once_with(
@@ -207,7 +209,7 @@ def test_download_files() -> None:
 
 def test_download_files_missing() -> None:
     """Missing files should be reported as file_not_found."""
-    sandbox, _ = _make_sandbox({"stream": [{"result": {"content": []}}]})
+    sandbox, _ = _make_sandbox({"stream": [{"result": {"content": []}}]}, cwd="/")
     results = sandbox.download_files(["/missing.txt"])
     assert results[0].error == "file_not_found"
     assert results[0].content is None
@@ -215,7 +217,7 @@ def test_download_files_missing() -> None:
 
 def test_download_files_handles_exception() -> None:
     """SDK errors during download should return file_not_found."""
-    sandbox, mock = _make_sandbox()
+    sandbox, mock = _make_sandbox(cwd="/")
     mock.invoke.side_effect = RuntimeError("read failed")
     results = sandbox.download_files(["/a.txt"])
     assert results[0].error == "file_not_found"
@@ -223,11 +225,147 @@ def test_download_files_handles_exception() -> None:
 
 def test_download_files_handles_session_expiry() -> None:
     """Session expiry during download should return permission_denied."""
-    sandbox, _ = _make_expired_sandbox()
+    sandbox, _ = _make_expired_sandbox(cwd="/")
     results = sandbox.download_files(["/a.txt"])
     assert results[0].error == "permission_denied"
 
 
+def test_download_files_dot_slash_path() -> None:
+    """./-prefixed paths must round-trip through readFiles and lookup."""
+    fake_png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 100
+    sandbox, mock = _make_sandbox(
+        {
+            "stream": [
+                {
+                    "result": {
+                        "content": [
+                            {
+                                "type": "resource",
+                                "resource": {
+                                    "uri": "file:///data/foo.png",
+                                    "blob": fake_png,
+                                },
+                            }
+                        ]
+                    }
+                }
+            ]
+        },
+        cwd="/",
+    )
+    results = sandbox.download_files(["./data/foo.png"])
+    mock.invoke.assert_called_once_with(
+        method="readFiles", params={"paths": ["data/foo.png"]}
+    )
+    assert results[0].error is None
+    assert results[0].content == fake_png
+
+
+def test_download_files_strips_cwd_prefix() -> None:
+    """Absolute paths under cwd should have the prefix stripped for readFiles."""
+    cwd = "/opt/sandbox"
+    sandbox, mock = _make_sandbox(
+        {
+            "stream": [
+                {
+                    "result": {
+                        "content": [
+                            {
+                                "type": "resource",
+                                "resource": {
+                                    "uri": "file:///workspace/hello.py",
+                                    "text": "hello",
+                                },
+                            }
+                        ]
+                    }
+                }
+            ]
+        },
+        cwd=cwd,
+    )
+    results = sandbox.download_files([f"{cwd}/workspace/hello.py"])
+    mock.invoke.assert_called_once_with(
+        method="readFiles", params={"paths": ["workspace/hello.py"]}
+    )
+    assert results[0].content == b"hello"
+    assert results[0].error is None
+    assert results[0].path == f"{cwd}/workspace/hello.py"
+
+
+def test_download_files_virtual_path_with_cwd() -> None:
+    """Virtual paths not under cwd should fall back to leading-slash stripping."""
+    sandbox, mock = _make_sandbox(
+        {
+            "stream": [
+                {
+                    "result": {
+                        "content": [
+                            {
+                                "type": "resource",
+                                "resource": {
+                                    "uri": "file:///workspace/hello.py",
+                                    "text": "hello",
+                                },
+                            }
+                        ]
+                    }
+                }
+            ]
+        },
+        cwd="/opt/sandbox",
+    )
+    results = sandbox.download_files(["/workspace/hello.py"])
+    mock.invoke.assert_called_once_with(
+        method="readFiles", params={"paths": ["workspace/hello.py"]}
+    )
+    assert results[0].content == b"hello"
+    assert results[0].error is None
+
+
+def test_download_files_lazy_cwd_detection() -> None:
+    """When cwd is not provided, download_files should detect it via pwd."""
+    cwd = "/opt/sandbox"
+
+    def invoke(**kwargs: Any) -> dict[str, Any]:
+        if kwargs.get("method") == "executeCommand":
+            return {
+                "stream": [
+                    {
+                        "result": {
+                            "exitCode": 0,
+                            "content": [{"type": "text", "text": cwd}],
+                        }
+                    }
+                ]
+            }
+        return {
+            "stream": [
+                {
+                    "result": {
+                        "content": [
+                            {
+                                "type": "resource",
+                                "resource": {
+                                    "uri": "file:///workspace/hello.py",
+                                    "text": "hello",
+                                },
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+
+    sandbox, mock = _make_sandbox()
+    mock.invoke.side_effect = invoke
+
+    results = sandbox.download_files([f"{cwd}/workspace/hello.py"])
+    assert sandbox._cwd == cwd
+    assert results[0].content == b"hello"
+    assert results[0].error is None
+
+
 # ------------------------------------------------------------------
 # _to_relative_path()
 # ------------------------------------------------------------------
@@ -235,9 +373,32 @@ def test_download_files_handles_session_expiry() -> None:
 
 def test_relative_path_stripping() -> None:
     """Leading slashes should be stripped; relative paths left as-is."""
-    assert AgentCoreSandbox._to_relative_path("/abs/path.txt") == "abs/path.txt"
-    assert AgentCoreSandbox._to_relative_path("rel/path.txt") == "rel/path.txt"
-    assert AgentCoreSandbox._to_relative_path("///triple.txt") == "triple.txt"
+    sandbox, _ = _make_sandbox()
+    assert sandbox._to_relative_path("/abs/path.txt") == "abs/path.txt"
+    assert sandbox._to_relative_path("rel/path.txt") == "rel/path.txt"
+    assert sandbox._to_relative_path("///triple.txt") == "triple.txt"
+
+
+def test_relative_path_strips_dot_slash() -> None:
+    """./ and repeated ././ prefixes should be stripped."""
+    sandbox, _ = _make_sandbox()
+    assert sandbox._to_relative_path("./data/foo.png") == "data/foo.png"
+    assert sandbox._to_relative_path("././foo.png") == "foo.png"
+    assert sandbox._to_relative_path("/./data/foo.png") == "data/foo.png"
+
+
+def test_relative_path_strips_cwd_prefix() -> None:
+    """When cwd is known, paths under cwd should have the prefix stripped."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox")
+    result = sandbox._to_relative_path("/opt/sandbox/workspace/hello.py")
+    assert result == "workspace/hello.py"
+    assert sandbox._to_relative_path("/opt/sandbox/hello.py") == "hello.py"
+
+
+def test_relative_path_virtual_path_falls_back_to_strip() -> None:
+    """Paths outside cwd should fall back to leading-slash stripping."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox")
+    assert sandbox._to_relative_path("/workspace/hello.py") == "workspace/hello.py"
 
 
 # ------------------------------------------------------------------
@@ -253,6 +414,162 @@ def test_keyword_only_init() -> None:
     assert sandbox.id == "s"
 
 
+def test_cwd_constructor_stores_stripped_cwd() -> None:
+    """cwd passed at construction should be stored with trailing slash removed."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox/")
+    assert sandbox._cwd == "/opt/sandbox"
+
+
+def test_cwd_defaults_to_none() -> None:
+    """When cwd is not passed, _cwd should start as None (lazy detection)."""
+    sandbox, _ = _make_sandbox()
+    assert sandbox._cwd is None
+
+
+# ------------------------------------------------------------------
+# _to_absolute_path()
+# ------------------------------------------------------------------
+
+
+def test_to_absolute_path_already_under_cwd() -> None:
+    """Paths already under the cwd should be returned unchanged."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox")
+    path = "/opt/sandbox/workspace/hello.py"
+    assert sandbox._to_absolute_path(path) == path
+
+
+def test_to_absolute_path_virtual_path_prepends_cwd() -> None:
+    """Virtual paths like /workspace/hello.py should be resolved under cwd."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox")
+    result = sandbox._to_absolute_path("/workspace/hello.py")
+    assert result == "/opt/sandbox/workspace/hello.py"
+
+
+def test_to_absolute_path_relative_path_prepends_cwd() -> None:
+    """Relative paths should be resolved under cwd."""
+    sandbox, _ = _make_sandbox(cwd="/opt/sandbox")
+    result = sandbox._to_absolute_path("workspace/hello.py")
+    assert result == "/opt/sandbox/workspace/hello.py"
+
+
+def test_to_absolute_path_root_cwd_returns_as_is() -> None:
+    """When cwd is / (stored as empty string), absolute paths are returned as-is."""
+    sandbox, _ = _make_sandbox(cwd="/")
+    assert sandbox._to_absolute_path("/workspace/hello.py") == "/workspace/hello.py"
+
+
+# ------------------------------------------------------------------
+# write() — path normalization (issue #1055)
+# ------------------------------------------------------------------
+
+
+def _make_successful_invoke(cwd: str = "") -> Any:
+    """Return an invoke side_effect that succeeds for all methods."""
+
+    def invoke(**kwargs: Any) -> dict[str, Any]:
+        if kwargs.get("method") == "executeCommand":
+            return {
+                "stream": [
+                    {
+                        "result": {
+                            "exitCode": 0,
+                            "content": [{"type": "text", "text": cwd}],
+                        }
+                    }
+                ]
+            }
+        return {"stream": []}
+
+    return invoke
+
+
+def test_write_strips_cwd_prefix_from_upload_path() -> None:
+    """upload path must be cwd-relative so writeFiles doesn't double the prefix."""
+    cwd = "/opt/amazon/genesis1p-tools/var"
+    sandbox, mock = _make_sandbox(cwd=cwd)
+    mock.invoke.side_effect = _make_successful_invoke(cwd)
+
+    abs_path = f"{cwd}/workspace/hello.py"
+    result = sandbox.write(abs_path, "hello")
+
+    write_files_calls = [
+        c for c in mock.invoke.call_args_list if c.kwargs.get("method") == "writeFiles"
+    ]
+    assert len(write_files_calls) == 1
+    uploaded_path = write_files_calls[0].kwargs["params"]["content"][0]["path"]
+    assert uploaded_path == "workspace/hello.py"
+    assert result.path == abs_path
+
+
+def test_write_resolves_virtual_path_for_preflight() -> None:
+    """Virtual paths must be resolved to real absolute paths before preflight."""
+    cwd = "/opt/sandbox"
+    sandbox, mock = _make_sandbox(cwd=cwd)
+    mock.invoke.side_effect = _make_successful_invoke(cwd)
+
+    result = sandbox.write("/workspace/hello.py", "hello")
+
+    # The resolved absolute path should be returned and used for the upload.
+    assert result.path == "/opt/sandbox/workspace/hello.py"
+    write_files_calls = [
+        c for c in mock.invoke.call_args_list if c.kwargs.get("method") == "writeFiles"
+    ]
+    assert len(write_files_calls) == 1
+    uploaded_path = write_files_calls[0].kwargs["params"]["content"][0]["path"]
+    assert uploaded_path == "workspace/hello.py"
+
+
+def test_write_lazy_cwd_detection() -> None:
+    """When cwd is not passed at construction, write() detects it via pwd."""
+    cwd = "/opt/sandbox"
+    sandbox, mock = _make_sandbox()
+    mock.invoke.side_effect = _make_successful_invoke(cwd)
+
+    result = sandbox.write("/workspace/hello.py", "hello")
+
+    assert sandbox._cwd == cwd
+    assert result.path == "/opt/sandbox/workspace/hello.py"
+
+
+def test_write_returns_resolved_path_not_virtual_path() -> None:
+    """WriteResult.path must be the resolved absolute path, not the virtual path.
+
+    Regression test for the execute()-after-write() mismatch: when the LLM writes
+    to "/tmp/script.py" and then runs execute("python /tmp/script.py"), it must
+    use the same path that was returned by write() — otherwise the shell cannot
+    find the file because AgentCore resolves uploads relative to cwd, not to "/".
+    """
+    cwd = "/opt/amazon/genesis1p-tools/var"
+    sandbox, mock = _make_sandbox(cwd=cwd)
+    mock.invoke.side_effect = _make_successful_invoke(cwd)
+
+    result = sandbox.write("/tmp/script.py", "print('hello')")
+
+    # The returned path must be the real location so execute() can find the file.
+    assert result.path == f"{cwd}/tmp/script.py"
+    write_files_calls = [
+        c for c in mock.invoke.call_args_list if c.kwargs.get("method") == "writeFiles"
+    ]
+    uploaded_path = write_files_calls[0].kwargs["params"]["content"][0]["path"]
+    # AgentCore receives a cwd-relative path, resolving to {cwd}/tmp/script.py.
+    assert uploaded_path == "tmp/script.py"
+
+
+def test_write_root_cwd_preserves_existing_behavior() -> None:
+    """When cwd is /, write() should behave as it did before the fix."""
+    sandbox, mock = _make_sandbox(cwd="/")
+    mock.invoke.side_effect = _make_successful_invoke("/")
+
+    result = sandbox.write("/hello.py", "hello")
+
+    assert result.path == "/hello.py"
+    write_files_calls = [
+        c for c in mock.invoke.call_args_list if c.kwargs.get("method") == "writeFiles"
+    ]
+    uploaded_path = write_files_calls[0].kwargs["params"]["content"][0]["path"]
+    assert uploaded_path == "hello.py"
+
+
 # ------------------------------------------------------------------
 # _invoke() — eager stream consumption
 # ------------------------------------------------------------------
@@ -436,7 +753,7 @@ def test_adownload_files_uses_dedicated_executor() -> None:
             }
         ]
     }
-    sandbox, mock = _make_sandbox(canned_response)
+    sandbox, mock = _make_sandbox(canned_response, cwd="/")
 
     import threading