The pledge(2) manpage lists getdents(2) as being permitted under 
pledge "stdio", but in reality it requires pledge "rpath":

src/sys/kern/kern_pledge.c:336
/* Classify as RPATH, because these leak path information */
[SYS_getdents] = PLEDGE_RPATH;

This diff moves getdents(2) to the list of system calls allowed under
pledge "rpath".

--- lib/libc/sys/pledge.2
+++ lib/libc/sys/pledge.2
@@ -174,7 +174,6 @@ As a result, all the expected functionalities of libc 
 .Xr fstat 2 ,
 .Xr fsync 2 ,
 .Xr ftruncate 2 ,
-.Xr getdents 2 ,
 .Xr getdtablecount 2 ,
 .Xr getegid 2 ,
 .Xr getentropy 2 ,
@@ -240,6 +239,7 @@ read-only effects on the filesystem:
 .Pp
 .Xr chdir 2 ,
 .Xr getcwd 3 ,
+.Xr getdents 2 ,
 .Xr openat 2 ,
 .Xr fstatat 2 ,
 .Xr faccessat 2 ,