
fix: prompt before executing test/lint commands from repo config (issue #5254) #5365

Status: Open
chrislazar25 wants to merge 1 commit into Aider-AI:main from chrislazar25:fix/issue-5254


Conversation

@chrislazar25

@chrislazar25 chrislazar25 commented Jun 30, 2026


Summary: Fix arbitrary command execution at startup when a repository's .aider.conf.yml sets test-cmd or lint-cmd by prompting the user for confirmation before executing.

Technical Details:

  • Root Cause: default_config_files includes the git-repo-root .aider.conf.yml. When that file sets test: true + test-cmd, the command executes at startup with shell=True and no confirmation. Attackers can craft a repo that executes arbitrary code the moment aider runs inside the clone.
  • Mechanism: Add get_repo_config_cmd_files() that scans config files (excluding the user's ~/.aider.conf.yml) for test-cmd, lint-cmd, test:, lint: keys. Before executing test/lint, if dangerous keys are found in repo config and --yes-always was not passed, the user is prompted. If declined, execution returns 0.

Verification: Confirmed adherence to CONTRIBUTING.md. Ran python -m pytest tests/. 455 passed, 1 pre-existing env failure (test_voice requires audio hardware). Pre-commit hooks (isort, black, flake8, codespell) all green. Manual E2E:

  • Repo config with test-cmd → correctly detected as dangerous
  • Repo config with echo: true only → not flagged
  • Home config with test-cmd → excluded from scan
  • CLI --test-cmd → no prompt (trusted source)

Blast Radius:

  • Impact: Medium (security fix). Changes behavior when a repo-root .aider.conf.yml contains test/lint command keys; those now require confirmation before executing.
  • Trade-offs: Adds one interactive prompt at startup for affected configs. No impact on CLI-provided test/lint commands or home config. --yes-always skips the prompt.

Fixes #5254

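As an added example, not the PR's own code: a simplified Python version of the gate the PR describes, scanning flat `.aider.conf.yml` texts for the four command-running keys, skipping the user's home config, and returning 0 when the prompt is declined. The function names, the line-based key parser (aider uses a real YAML loader), and the sample config contents are assumptions made here.

```python
import os
import re

# Top-level keys that let a checked-in .aider.conf.yml run a shell command at startup
# (the keys named in the PR description).
DANGEROUS_KEYS = {"test-cmd", "lint-cmd", "test", "lint"}
KEY_RE = re.compile(r"^([A-Za-z][A-Za-z0-9_-]*)\s*:")


def top_level_keys(text):
    """Top-level keys of a flat YAML config. Simplified line parser (assumption):
    blank lines, comments and indented (nested) lines are ignored."""
    keys = set()
    for line in text.splitlines():
        if not line or line[0].isspace() or line.lstrip().startswith("#"):
            continue
        m = KEY_RE.match(line)
        if m:
            keys.add(m.group(1))
    return keys


def repo_config_cmd_files(configs, home_config):
    """configs maps config path -> file text (constructed here; read from disk in practice).
    Returns [(path, sorted dangerous keys)] for every file other than the user's
    home config that sets a command-running key. The home config is trusted."""
    home = os.path.normpath(home_config)
    hits = []
    for path, text in configs.items():
        if os.path.normpath(path) == home:
            continue
        found = sorted(DANGEROUS_KEYS & top_level_keys(text))
        if found:
            hits.append((path, found))
    return hits


def run_repo_cmd(configs, home_config, yes_always, confirm, run):
    """Gate before running the configured test/lint command: confirm(question) stands in
    for the interactive prompt, run() for the command. Returns run()'s result, or 0 when
    a repo config set a dangerous key and the user declined; --yes-always skips the prompt."""
    hits = repo_config_cmd_files(configs, home_config)
    if hits and not yes_always:
        listing = "; ".join(f"{p}: {', '.join(keys)}" for p, keys in hits)
        if not confirm(f"Repo config sets command keys ({listing}). Run them?"):
            return 0
    return run()
```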
@chrislazar25 chrislazar25 marked this pull request as ready for review June 30, 2026 19:16