fix(backend): opt in to simple-git unsafe categories present in env

[brendan-kellam]

Summary

• simple-git 3.36.0 (the CVE-2026-6951 upgrade) introduced a hardening layer via @simple-git/argv-parser that throws when the parent process environment contains values it deems unsafe. This includes very common shell vars like PAGER and EDITOR, as well as legitimate operator-set values like GIT_SSH_COMMAND (deploy-key setups), GIT_SSL_NO_VERIFY (referenced in #766), etc. The result was git clone/fetch failing with Use of "PAGER" is not permitted without enabling allowUnsafePager (and similar) on any host with these set.
• This PR parses process.env once at module load using parseEnv from @simple-git/argv-parser and reflects the resulting categories back into simple-git's unsafe option, so whatever the operator's environment contains is trusted by default. When any unsafe values are detected, a logger.warn lists the categories and messages, with a link to simple-git's unsafe-actions doc, so the trust isn't silent.
• Arg-channel risks (alias injection, custom hooks paths, fsmonitor, credential helpers, etc.) remain blocked — only env-driven categories present at startup are opted in.

Test plan

• On a host with PAGER=less set, run a clone and confirm it succeeds (was failing pre-fix).
• Confirm the startup warn log fires and lists the expected categories + messages when PAGER / EDITOR are set.
• Confirm no warn log fires when the environment is clean.

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features
  • App now emits a startup warning when git-related environment variables are detected as unsafe, helping users spot configuration issues that might affect git operations and repository handling.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 40297a58-3c52-4a0b-8fe1-41cf9072f4dd

📥 Commits

Reviewing files that changed from the base of the PR and between 4193945 and f833c4c.

📒 Files selected for processing (1)

• CHANGELOG.md

---

Walkthrough

Parses process.env with @simple-git/argv-parser to detect simple-git “unsafe” categories, logs a warning if any are present, and passes the computed unsafe opt-in map into the simpleGit client. CHANGELOG updated under Unreleased/Added.

Changes

Unsafe Category Configuration

Layer / File(s)	Summary
Environment Parsing and Unsafe Category Detection packages/backend/src/git.ts	Parses process.env using @simple-git/argv-parser to detect simple-git unsafe action categories, builds an unsafe opt-in map from detected categories, and logs a warning with category names/messages if any are present.
Simple-Git Client Initialization packages/backend/src/git.ts	Passes the computed unsafe configuration to the simpleGit(...) constructor so the client permits environment variables flagged by simple-git safety checks.
Changelog Documentation CHANGELOG.md	Adds an ### Added bullet under [Unreleased] documenting the startup warning for simple-git-flagged unsafe environment variables.

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix(backend): opt in to simple-git unsafe categories present in env' directly and specifically describes the main change: opting in to simple-git unsafe categories detected in environment variables.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch brendan/fix-simple-git-unsafe-env

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

packages/backend/src/git.ts (1)

20-31: ⚡ Quick win

Consider error handling around parseEnv.

The parseEnv call executes at module load time without error handling. If it throws, the entire git module will fail to load, preventing the backend from starting. While this fail-fast behavior may be intentional, defensive error handling could provide a better fallback experience.

🛡️ Proposed error handling

-const { vulnerabilities: envVulnerabilities } = parseEnv(process.env);
-const unsafe = Object.fromEntries(
-    envVulnerabilities.map(v => [v.category, true] as const)
-);
+let unsafe: Record<string, boolean> = {};
+let envVulnerabilities: Array<{ category: string; message: string }> = [];
+
+try {
+    const parsed = parseEnv(process.env);
+    envVulnerabilities = parsed.vulnerabilities;
+    unsafe = Object.fromEntries(
+        envVulnerabilities.map(v => [v.category, true] as const)
+    );
+} catch (error) {
+    logger.error('Failed to parse environment for unsafe git categories:', error);
+    logger.warn('Proceeding without unsafe category detection. Git operations may fail if environment contains blocked variables.');
+}
 
 if (envVulnerabilities.length > 0) {

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/backend/src/git.ts` around lines 20 - 31, Wrap the
parseEnv(process.env) call in a try/catch so module load doesn’t throw: call
parseEnv inside a try, on success use its vulnerabilities to build
envVulnerabilities and unsafe as before; on error catch the exception, call
logger.error including the error and fall back to envVulnerabilities = [] and
unsafe = {} (or Object.fromEntries([])) so the rest of the file can continue and
the existing logger.warn block only runs when envVulnerabilities.length > 0;
reference parseEnv, envVulnerabilities, unsafe, and logger.warn when
implementing the change.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@CHANGELOG.md`:
- Around line 22-24: Move the "### Added" section so it appears before the "###
Changed" and "### Fixed" sections to follow the Keep a Changelog order;
specifically, relocate the block starting with the "### Added" header (the entry
about the startup warning for simple-git unsafe env vars) so the sections read:
Added, Changed, Deprecated, Removed, Fixed, Security.

---

Nitpick comments:
In `@packages/backend/src/git.ts`:
- Around line 20-31: Wrap the parseEnv(process.env) call in a try/catch so
module load doesn’t throw: call parseEnv inside a try, on success use its
vulnerabilities to build envVulnerabilities and unsafe as before; on error catch
the exception, call logger.error including the error and fall back to
envVulnerabilities = [] and unsafe = {} (or Object.fromEntries([])) so the rest
of the file can continue and the existing logger.warn block only runs when
envVulnerabilities.length > 0; reference parseEnv, envVulnerabilities, unsafe,
and logger.warn when implementing the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 143b8c84-48a8-4770-92e0-1307b264da4d

📥 Commits

Reviewing files that changed from the base of the PR and between ad7f9f6 and 4193945.

📒 Files selected for processing (2)

• CHANGELOG.md
• packages/backend/src/git.ts