Skip to content

cargo fix should not require network access #15802

New issue
New issue
Open
Open
cargo fix should not require network access#15802
Labels
A-networkingArea: networking issues, curl, etc.Command-fixS-triageStatus: This issue is waiting on initial triage.
@bolinfest

Description

@bolinfest
bolinfest
opened on Aug 4, 2025

Problem

As explained in:

cargo/src/cargo/ops/fix/mod.rs

Lines 1 to 10 in 840b83a

//! High-level overview of how `fix` works:
//!
//! The main goal is to run `cargo check` to get rustc to emit JSON
//! diagnostics with suggested fixes that can be applied to the files on the
//! filesystem, and validate that those changes didn't break anything.
//!
//! Cargo begins by launching a [`LockServer`] thread in the background to
//! listen for network connections to coordinate locking when multiple targets
//! are built simultaneously. It ensures each package has only one fix running
//! at once.

Indeed, cargo fix appears to start a server on localhost on an ephemeral port here:

cargo/src/cargo/util/lockserver.rs

Lines 49 to 50 in 840b83a

let listener = TcpListener::bind(&LOCALHOST[..])
.context("failed to bind TCP listener to manage locking")?;

This means cargo fix requires network access to work, which means it cannot work in a sandbox/environment where all network requests are denied.

Steps

When running in a sandbox where network is disabled, such as using this Seatbelt policy on macOS:

https://github.com/openai/codex/blob/dc15a5cf0b50eaa7a75dca754d618090d41d51e3/codex-rs/core/src/seatbelt_base_policy.sbpl

cargo clippy --fix may fail with:

error: failed to bind TCP listener to manage locking

Caused by:
  Operation not permitted (os error 1)
error: Recipe `fix` failed on line 28 with exit code 101

If you install the Codex CLI, we have a debug seatbelt command to test running an arbitrary command in the sandbox, so you can reproduce this easily:

$ codex debug seatbelt -- cargo clippy --fix
error: failed to bind TCP listener to manage locking

Caused by:
  Operation not permitted (os error 1)

Possible Solution(s)

Perhaps a UNIX domain socket, advisory locking, or some other mechanism could be used instead?

Notes

It does not seem right that cargo clippy --fix should rely on network access.

Version

cargo 1.88.0 (873a06493 2025-05-10)
release: 1.88.0
commit-hash: 873a0649350c486caf67be772828a4f36bb4734c
commit-date: 2025-05-10
host: aarch64-apple-darwin
libgit2: 1.9.0 (sys:0.20.0 vendored)
libcurl: 8.7.1 (sys:0.4.80+curl-8.12.1 system ssl:(SecureTransport) LibreSSL/3.3.6)
ssl: OpenSSL 3.4.1 11 Feb 2025
os: Mac OS 15.5.0 [64-bit]

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-networkingArea: networking issues, curl, etc.Command-fixS-triageStatus: This issue is waiting on initial triage.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions