fix(worktree): treat missing trusted git binary as recursive submodule config enabled

kenryu42 · kenryu42 · commit 0f3a06e2bd76 · 2026-05-01T03:49:42.000+09:00
When no trusted git binary is found, assume recursive submodule config
is enabled rather than disabled, so commands are allowed by default
instead of incorrectly blocked. Export effectiveGitConfigEnablesRecursiveSubmodules
for testing.
diff --git a/src/core/rules-git.ts b/src/core/rules-git.ts
@@ -608,15 +608,17 @@ function getEnvConfigValue(
   return envAssignments?.get(name) ?? process.env[name];
 }
 
-function effectiveGitConfigEnablesRecursiveSubmodules(cwd: string): boolean {
+function effectiveGitConfigEnablesRecursiveSubmodules(
+  cwd: string,
+  gitBinary: string | null = getTrustedGitBinary(),
+): boolean {
   const localConfigResult = localGitConfigEnablesRecursiveSubmodules(cwd);
   if (localConfigResult === null || localConfigResult) {
     return true;
   }
 
-  const gitBinary = getTrustedGitBinary();
   if (gitBinary === null) {
-    return false;
+    return true;
   }
 
   try {
@@ -958,6 +960,7 @@ function analyzeGitWorktree(tokens: readonly string[]): string | null {
 
 /** @internal Exported for testing */
 export {
+  effectiveGitConfigEnablesRecursiveSubmodules as _effectiveGitConfigEnablesRecursiveSubmodules,
   extractGitSubcommandAndRest as _extractGitSubcommandAndRest,
   getCheckoutPositionalArgs as _getCheckoutPositionalArgs,
   TRUSTED_GIT_BINARIES as _TRUSTED_GIT_BINARIES,
diff --git a/tests/core/rules-git.test.ts b/tests/core/rules-git.test.ts
@@ -2,7 +2,11 @@ import { describe, expect, test } from 'bun:test';
 import { execFileSync } from 'node:child_process';
 import { chmodSync, existsSync, mkdirSync, symlinkSync, writeFileSync } from 'node:fs';
 import { join } from 'node:path';
-import { _TRUSTED_GIT_BINARIES, analyzeGit } from '@/core/rules-git';
+import {
+  _effectiveGitConfigEnablesRecursiveSubmodules,
+  _TRUSTED_GIT_BINARIES,
+  analyzeGit,
+} from '@/core/rules-git';
 import {
   assertAllowed,
   assertBlocked,
@@ -22,6 +26,8 @@ describe('analyzeGit direct', () => {
     expect(_TRUSTED_GIT_BINARIES).toContain('/usr/bin/git');
     expect(_TRUSTED_GIT_BINARIES).toContain('/usr/local/bin/git');
     expect(_TRUSTED_GIT_BINARIES).toContain('/opt/homebrew/bin/git');
+    expect(_TRUSTED_GIT_BINARIES).toContain('C:\\Program Files\\Git\\cmd\\git.exe');
+    expect(_TRUSTED_GIT_BINARIES).toContain('C:\\Program Files\\Git\\bin\\git.exe');
   });
 });
 
@@ -1325,6 +1331,17 @@ describe('git linked worktree mode', () => {
     }
   });
 
+  test('SAFETY_NET_WORKTREE treats missing trusted git binary as recursive submodule config', () => {
+    const fixture = createLinkedWorktreeFixture();
+    try {
+      expect(_effectiveGitConfigEnablesRecursiveSubmodules(fixture.linkedWorktree, null)).toBe(
+        true,
+      );
+    } finally {
+      fixture.cleanup();
+    }
+  });
+
   test('SAFETY_NET_WORKTREE keeps configured recursive submodule discards blocked', () => {
     const fixture = createLinkedWorktreeFixture();
     try {
