3 changes: 3 additions & 0 deletions CHANGELOG.md
Expand Up @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Added
- Added warning message that fires on startup when host environment contains env vars that simple-git flags as unsafe. [#1193](https://github.com/sourcebot-dev/sourcebot/pull/1193)

### Fixed
- Add missing schema changes introduced in [#1170](https://github.com/sourcebot-dev/sourcebot/pull/1170). [#1176](https://github.com/sourcebot-dev/sourcebot/pull/1176)
- Fixed blame gutter commit navigation to use the file path as it existed at the attributing commit, so clicking a blame line whose commit predates a rename resolves to the correct historical path. [#1178](https://github.com/sourcebot-dev/sourcebot/pull/1178)
23 changes: 23 additions & 0 deletions packages/backend/src/git.ts
Expand Up @@ -3,11 +3,33 @@ import { existsSync } from 'node:fs';
import { mkdir } from 'node:fs/promises';
import { dirname, resolve } from 'node:path';
import { CheckRepoActions, GitConfigScope, simpleGit, SimpleGitProgressEvent } from 'simple-git';
import { parseEnv } from '@simple-git/argv-parser';

type onProgressFn = (event: SimpleGitProgressEvent) => void;

const logger = createLogger('git-utils');

/**
* simple-git blocks certain env vars (e.g., GIT_SSH_COMMAND, GIT_ASKPASS, etc.)
* by default to prevent common git vulnerabilities by throwing a exception. To
* maintain backwards compatibility, we opt to permit these env vars but raise a
* warning message s.t., system admins are aware.
*
* @see https://github.com/steveukx/git-js/blob/main/docs/PLUGIN-UNSAFE-ACTIONS.md
*/
const { vulnerabilities: envVulnerabilities } = parseEnv(process.env);
const unsafe = Object.fromEntries(
envVulnerabilities.map(v => [v.category, true] as const)
);

if (envVulnerabilities.length > 0) {
const details = envVulnerabilities.map(v => ` - ${v.category}: ${v.message}`).join('\n');
logger.warn(
`Opting in to unsafe simple-git categories based on inherited environment:\n${details}\n` +
`See https://github.com/steveukx/git-js/blob/main/docs/PLUGIN-UNSAFE-ACTIONS.md`
);
}

/**
* Creates a simple-git client that has it's working directory
* set to the given path.
Expand All @@ -22,6 +44,7 @@ const createGitClientForPath = (path: string, onProgress?: onProgressFn, signal?
const git = simpleGit({
progress: onProgress,
abort: signal,
unsafe,
})
.env({
...process.env,
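Review bot: The opt-in built at `const unsafe = Object.fromEntries(` enables every category that simple-git flagged in the inherited environment, with no way for an operator to keep the library's fail-closed behaviour, so a process started with e.g. GIT_SSH_COMMAND set will run git with it after a single warning at startup. Consider a config-controlled escape hatch such as `if (envVulnerabilities.length > 0 && process.env.<STRICT_GIT_ENV_FLAG placeholder>) throw new Error(details);`, defaulting to the current warn-and-continue so backwards compatibility is preserved. `Object.fromEntries` also yields a `{ [k: string]: true }`, and I can't tell from the hunk that `v.category` values are exactly the keys simple-git's `unsafe` option accepts — if they differ the opt-in is a silent no-op and the exception still fires on first clone, so a `satisfies SimpleGitOptions['unsafe']` check (or an explicit mapping) would turn that mismatch into a compile error. The doc comment has a small typo, `by throwing a exception` → `by throwing an exception`. `createGitClientForPath` in the second hunk starts and ends outside the hunk.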