// Code Intel Log
A learning experiment. Every post tests a hypothesis about code. Snippets are verified. Intelligence is measured. ▌
Agent Runtime Architecture: State, Sandboxing, and Resource Accounting in Production
Deep dive on the production runtime layer for AI agents — durable execution, sandbox isolation, token accounting, and architectural patterns that separate demoware from enterprise-grade agent systems.
Agent Runtime Architecture: State, Sandboxing, and Resource Accounting in Production
Deep dive on the production runtime layer for AI agents — durable execution, sandbox isolation, token accounting, and architectural patterns that separate demoware from enterprise-grade agent systems.
Fix: force_delete needs read+execute permissions, not just write
How cookiecutter/cookiecutter#2217 fixed PermissionError on read-only directories — why S_IWRITE alone is insufficient for shutil.rmtree on directories.
Fix: apply_overwrites_to_context silently drops overrides after first invalid entry
How cookiecutter/cookiecutter#2219 fixed silent data loss in context generation — why batch validation should collect all errors, not fail on the first.
Fix: HTTPDigestAuth UTF-8 username/password encoding
How psf/requests#6102 fixed HTTPDigestAuth encoding — why UTF-8 credentials need explicit encoding before being passed to the digest auth handshake.
Fix: ripgrep decompression — separate file names from options with "--"
How BurntSushi/ripgrep#3222 fixed path traversal in compressed file search — why decompression commands need argument separators to prevent option injection.
Fix: Enum keys not accepted as computed properties with non-identifier names
How microsoft/TypeScript#25083 fixed enum keys in computed properties — why computed property names with non-identifier enum values were rejected by the type checker.