Throw when copying from paths outside the context dir

[mishushakov]

Note

Strengthens path handling and safety in template copy operations.

• Add normalizePath/normalize_path and isSafeRelative in JS/Python utils; normalize inputs and reject sources outside the context dir
• Update Template.copy to use normalized args and throw with caller stack trace when src escapes context
• Adjust Dockerfile parsing tests/fixtures to omit trailing slashes in COPY dests; switch non-existent paths to relative; add unit tests for normalizePath/isSafeRelative
• Minor test cleanup in Python async build

^{Written by Cursor Bugbot for commit 56b668f. This will update automatically on new commits. Configure here.}

[changeset-bot]

🦋 Changeset detected

Latest commit: 56b668f

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@e2b/python-sdk	Patch
e2b	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: da296034db

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[jakubno]

why can't we throw directly in .copy() command? Can't you resolve the path directly there? You want to work with the relative path ideally everywhere anyway?

[mishushakov]

Cursor review

[cursor]

✅ Bugbot reviewed your changes and found no bugs!