Skip to content

Environment Parsing #1156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
steveukx merged 7 commits into from
Apr 11, 2026
Merged

Environment Parsing #1156

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b796ede
Adds `diff.textconv`, `filter.clean` and `filter.smudge` to known exp…
steveukx Apr 10, 2026
2c03a59
Add environment variable scanning
steveukx Apr 11, 2026
0809260
Add environment variable scanning to unsafe plugin
steveukx Apr 11, 2026
fb722f7
Add unsafe integration test for `core.fsmonitor` to attribute source
steveukx Apr 11, 2026
09b378b
Apply unsafe filtering for `--template` flag, vulnerable merge config…
steveukx Apr 11, 2026
cd4024d
Update documentation for unsafe plugin
steveukx Apr 11, 2026
0ab6c5b
Extend vulnerability scanning to additional filters, gpg and more con…
steveukx Apr 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .changeset/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"$schema": "https://unpkg.com/@changesets/config@1.6.4/schema.json",
"$schema": "https://unpkg.com/@changesets/config@3.1.3/schema.json",
"changelog": "@changesets/cli/changelog",
"commit": false,
"linked": [],
"access": "public",
"baseBranch": "main",
"baseBranch": "origin/main",
"updateInternalDependencies": "patch",
"ignore": [
"@simple-git/test-utils"
Expand Down
11 changes: 11 additions & 0 deletions .changeset/deep-ducks-care.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
"@simple-git/argv-parser": minor
simple-git: minor
---

Extend known exploitable configuration keys and per-task environment variables.

Note - `ParsedVulnerabilities` from `argv-parser` is removed in favour of a readonly array of `Vulnerability` to match usage in `simple-git`, rolled into the new `vulnerabilityCheck` for simpler access to the identified issues.

Thanks to @zebbern for identifying the need to block `core.fsmonitor`.
Thanks to @kodareef5 for identifying the need to block `GIT_CONFIG_COUNT` environment variables and `--template` / `merge` related config.
Loading