Load env vars from login shell in remote server #40148
Conversation
Co-authored-by: Cole Miller <cole@zed.dev>
cla-bot
bot
added
the
cla-signed
|
I think it would be good to advise the user that the application is loading local env vars to the server as that is not necessarily expected and may not be considered secure in some environments. |
|
Can you say more about how this is not considered secure? I don't think we're doing anything unusual here - the environment variables never leave the remote machine. |
Fixes a bug mentioned in #38891 Release Notes: - Fixed a bug where environment variables like `NODE_EXTRA_CA_CERTS` were not loaded from the user's shell initialization scripts in WSL or SSH remote projects. Co-authored-by: Cole Miller <cole@zed.dev>
I don't think its necessarily insecure, other than than users may not realize its being done. Its a good change imo. Just seems like its a human vector. Not an application issue. |
|
Contracting I sometimes connect to machines that I don't necessarily trust, but I don't do the eval with zed. I do it with traditional tools. But I could see others doing this with less awareness. |
|
@maxbrunsfeld Responded but just for clarity ^^ |
Fixes a bug mentioned in zed-industries#38891 Release Notes: - Fixed a bug where environment variables like `NODE_EXTRA_CA_CERTS` were not loaded from the user's shell initialization scripts in WSL or SSH remote projects. Co-authored-by: Cole Miller <cole@zed.dev>
Fixes a bug mentioned in #38891
Release Notes:
NODE_EXTRA_CA_CERTSwere not loaded from the user's shell initialization scripts in WSL or SSH remote projects.