Skip to content

Git - dispose untrusted repositories when trust state changes #291498

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lszomoru merged 1 commit into from
Jan 29, 2026
Merged

Git - dispose untrusted repositories when trust state changes #291498

lszomoru merged 1 commit into from
Jan 29, 2026

Conversation

@lszomoru
Copy link
Member

@lszomoru lszomoru commented Jan 29, 2026

Copilot AI review requested due to automatic review settings January 29, 2026 07:01
@lszomoru lszomoru enabled auto-merge (squash) January 29, 2026 07:01
@lszomoru lszomoru self-assigned this Jan 29, 2026
@lszomoru lszomoru added the git GIT issues label Jan 29, 2026
@lszomoru lszomoru added this to the January 2026 milestone Jan 29, 2026
Copilot AI reviewed Jan 29, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR ensures Git repositories are disposed when workspace trust configuration changes, preventing repositories from remaining active after becoming untrusted.

Changes:

  • Subscribes the Git model to workspace trusted-folder change events.
  • Adds logic to detect repositories that are no longer trusted and dispose them.

extensions/git/src/model.ts
Comment on lines +497 to +504
const dotGitPath = openRepository.repository.dotGit.commonPath ?? openRepository.repository.dotGit.path;
const isTrusted = await workspace.isResourceTrusted(Uri.file(path.dirname(dotGitPath)));

if (!isTrusted) {
openRepositoriesToDispose.push(openRepository);
this.logger.trace(`[Model][onDidChangeWorkspaceTrustedFolders] Repository is no longer trusted: ${openRepository.repository.root}`);
}
}
Copy link

Copilot AI Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trust is being evaluated against path.dirname(dotGitPath) where dotGitPath prefers repository.dotGit.commonPath. For worktrees, commonPath points at the main repo’s .git directory (see extensions/git/src/repository.ts:941-945), which can be outside the worktree folder. This can incorrectly dispose a trusted worktree (or keep an untrusted worktree) because you’re not checking the repository working tree location.

Instead, check trust for the repository root (e.g. workspace.isResourceTrusted(Uri.file(openRepository.repository.root))) so the trust decision matches the repository the user has open.

Suggested change
const dotGitPath = openRepository.repository.dotGit.commonPath ?? openRepository.repository.dotGit.path;
const isTrusted = await workspace.isResourceTrusted(Uri.file(path.dirname(dotGitPath)));
if (!isTrusted) {
openRepositoriesToDispose.push(openRepository);
this.logger.trace(`[Model][onDidChangeWorkspaceTrustedFolders] Repository is no longer trusted: ${openRepository.repository.root}`);
}
}
const isTrusted = await workspace.isResourceTrusted(Uri.file(openRepository.repository.root));
if (!isTrusted) {
openRepositoriesToDispose.push(openRepository);
this.logger.trace(`[Model][onDidChangeWorkspaceTrustedFolders] Repository is no longer trusted: ${openRepository.repository.root}`);
}
}
}

Copilot uses AI. Check for mistakes.
@lszomoru lszomoru merged commit e4e61e5 into main Jan 29, 2026
27 of 28 checks passed
@lszomoru lszomoru deleted the lszomoru/sophisticated-ptarmigan branch January 29, 2026 08:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@bpasero bpasero bpasero approved these changes

Assignees

@lszomoru lszomoru

Labels

git GIT issues

Projects

None yet

Milestone

January 2026

Development

Successfully merging this pull request may close these issues.

2 participants

@lszomoru @bpasero