Isolate curated plugin sync Git environment (#29785)

## Why

Several users have reported data loss from this bug, including tracked
files being deleted or replaced and branches appearing to be reset to
the curated plugins repository. This can happen during startup, before
the model chooses to edit anything.

Ambient repository variables such as `GIT_DIR` and `GIT_WORK_TREE` can
override the repository selected by `git -C`, redirecting startup sync's
`git reset --hard` and `git clean -fdx` into the user's active
workspace.

## What

Route every startup-sync Git invocation through a shared command builder
that removes repository-local environment variables before execution.
Add regression coverage to keep those variables isolated.

Fixes #27416
This commit is contained in:
Eric Traut
2026-06-24 16:04:51 -07:00
committed by GitHub
Unverified
parent 9ff8068880
commit 134646eff0
2 changed files with 65 additions and 27 deletions
+48 -27
View File
@@ -34,6 +34,27 @@ const CURATED_PLUGINS_HTTP_TIMEOUT: Duration = Duration::from_secs(30);
const CURATED_PLUGINS_BACKUP_ARCHIVE_TIMEOUT: Duration = Duration::from_secs(30);
// Keep this comfortably above a normal sync attempt so we do not race another Codex process.
const CURATED_PLUGINS_STALE_TEMP_DIR_MAX_AGE: Duration = Duration::from_secs(10 * 60);
// These variables can redirect Git away from the repository selected by `-C`,
// or inject command-scoped configuration into the sync commands.
const REPOSITORY_LOCAL_GIT_ENVIRONMENT_VARIABLES: &[&str] = &[
"GIT_ALTERNATE_OBJECT_DIRECTORIES",
"GIT_CEILING_DIRECTORIES",
"GIT_COMMON_DIR",
"GIT_CONFIG",
"GIT_CONFIG_COUNT",
"GIT_CONFIG_PARAMETERS",
"GIT_DIR",
"GIT_DISCOVERY_ACROSS_FILESYSTEM",
"GIT_GRAFT_FILE",
"GIT_IMPLICIT_WORK_TREE",
"GIT_INDEX_FILE",
"GIT_NAMESPACE",
"GIT_OBJECT_DIRECTORY",
"GIT_PREFIX",
"GIT_REPLACE_REF_BASE",
"GIT_SHALLOW_FILE",
"GIT_WORK_TREE",
];
#[derive(Debug, Deserialize)]
struct GitHubRepositorySummary {
@@ -242,17 +263,14 @@ fn fetch_curated_plugins_commit_from(
context: &str,
) -> Result<(), String> {
let fetch_refspec = format!("+{source_revision}:{CURATED_PLUGINS_FETCH_REF}");
let output = run_git_command_with_timeout(
Command::new(git_binary)
.env("GIT_OPTIONAL_LOCKS", "0")
.arg("-C")
.arg(repo_path)
.args(["fetch", "--depth", "1", "--no-tags"])
.arg(source)
.arg(fetch_refspec),
context,
CURATED_PLUGINS_GIT_TIMEOUT,
)?;
let mut command = git_command(git_binary);
command
.arg("-C")
.arg(repo_path)
.args(["fetch", "--depth", "1", "--no-tags"])
.arg(source)
.arg(fetch_refspec);
let output = run_git_command_with_timeout(&mut command, context, CURATED_PLUGINS_GIT_TIMEOUT)?;
ensure_git_success(&output, context)
}
@@ -277,15 +295,9 @@ fn run_git_in_repo(
args: &[&str],
context: &str,
) -> Result<(), String> {
let output = run_git_command_with_timeout(
Command::new(git_binary)
.env("GIT_OPTIONAL_LOCKS", "0")
.arg("-C")
.arg(repo_path)
.args(args),
context,
CURATED_PLUGINS_GIT_TIMEOUT,
)?;
let mut command = git_command(git_binary);
command.arg("-C").arg(repo_path).args(args);
let output = run_git_command_with_timeout(&mut command, context, CURATED_PLUGINS_GIT_TIMEOUT)?;
ensure_git_success(&output, context)
}
@@ -583,12 +595,13 @@ fn read_local_git_or_sha_file(
}
fn git_ls_remote_head_sha(git_binary: &str) -> Result<String, String> {
let mut command = git_command(git_binary);
command
.arg("ls-remote")
.arg("https://github.com/openai/plugins.git")
.arg("HEAD");
let output = run_git_command_with_timeout(
Command::new(git_binary)
.env("GIT_OPTIONAL_LOCKS", "0")
.arg("ls-remote")
.arg("https://github.com/openai/plugins.git")
.arg("HEAD"),
&mut command,
"git ls-remote curated plugins repo",
CURATED_PLUGINS_GIT_TIMEOUT,
)?;
@@ -610,8 +623,7 @@ fn git_ls_remote_head_sha(git_binary: &str) -> Result<String, String> {
}
fn git_head_sha(repo_path: &Path, git_binary: &str) -> Result<String, String> {
let output = Command::new(git_binary)
.env("GIT_OPTIONAL_LOCKS", "0")
let output = git_command(git_binary)
.arg("-C")
.arg(repo_path)
.arg("rev-parse")
@@ -635,6 +647,15 @@ fn git_head_sha(repo_path: &Path, git_binary: &str) -> Result<String, String> {
Ok(sha)
}
fn git_command(git_binary: &str) -> Command {
let mut command = Command::new(git_binary);
command.env("GIT_OPTIONAL_LOCKS", "0");
for name in REPOSITORY_LOCAL_GIT_ENVIRONMENT_VARIABLES {
command.env_remove(name);
}
command
}
fn run_git_command_with_timeout(
command: &mut Command,
context: &str,
@@ -1,5 +1,6 @@
use super::*;
use pretty_assertions::assert_eq;
use std::ffi::OsStr;
use std::io::Write;
use std::path::Path;
use std::path::PathBuf;
@@ -16,6 +17,22 @@ use zip::write::SimpleFileOptions;
const TEST_CURATED_PLUGIN_SHA: &str = "0123456789abcdef0123456789abcdef01234567";
#[test]
fn git_command_sanitizes_ambient_repository_environment() {
let command = git_command("git");
for name in REPOSITORY_LOCAL_GIT_ENVIRONMENT_VARIABLES {
assert_eq!(
command
.get_envs()
.find(|(key, _)| *key == OsStr::new(name))
.map(|(_, value)| value),
Some(None),
"{name} should be removed from startup sync Git commands"
);
}
}
fn write_file(path: &Path, contents: &str) {
std::fs::create_dir_all(path.parent().expect("file should have a parent")).unwrap();
std::fs::write(path, contents).unwrap();