cline icon indicating copy to clipboard operation
cline copied to clipboard
verified publisher icon cline

Prevent crash when running into a symlink cycle

Open kodek opened this issue 8 months ago • 1 comments

Description

A symlink cycle in the workspace directory structure leads to globby() crashing the extension host. See more info at https://github.com/cline/cline/issues/2239#issuecomment-2814432920.

This PR sets a (reasonable?) depth limit for directory traversal (as a workaround).

Test Procedure

Ran the "Test" GH workflow before sending the PR.

Type of Change

  • [x] 🐛 Bug fix (non-breaking change which fixes an issue)
  • [ ] ✨ New feature (non-breaking change which adds functionality)
  • [ ] 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] ♻️ Refactor Changes
  • [ ] 💅 Cosmetic Changes
  • [ ] 📚 Documentation update
  • [ ] 🏃 Workflow Changes

Pre-flight Checklist

  • [x] Changes are limited to a single feature, bugfix or chore (split larger changes into separate PRs)
  • [ ] Tests are passing (npm test) and code is formatted and linted (npm run format && npm run lint)
  • [ ] I have created a changeset using npm run changeset (required for user-facing changes)
  • [x] I have reviewed contributor guidelines

Screenshots

Additional Notes

Note: npm test is failing at HEAD.

Next steps: A better solution would be to fix the globby dependency to detect these cycles. Alternatively, Cline could attempt to detect these cycles by probing different depth limits.

[!IMPORTANT] Sets a depth limit for directory traversal to prevent crashes from symlink cycles and adds a test for symlink loop handling.

  • Behavior:
    • Sets a depth limit of 10 for directory traversal in CheckpointGitOperations.ts, CheckpointTracker-old.ts, and list-files.ts to prevent crashes from symlink cycles.
    • Adds a test in ClineIgnoreController.test.ts to ensure symlink loops are handled gracefully.
  • Misc:
    • Updates globby options in affected files to include deep: 10.

This description was created by Ellipsis for bd50dc3778d5472f66221411ae52415ba04b91a7. You can customize this summary. It will automatically update as commits are pushed.

kodek avatar Apr 19 '25 23:04 kodek

⚠️ No Changeset found

Latest commit: 1efd52376449029e4c155ed731039f471beb35c5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

changeset-bot[bot] avatar Apr 19 '25 23:04 changeset-bot[bot]

@kodek thanks for this! sorry it took a while to get to this - im concerned with a fixed depth since this can differ greatly by codebase. ideally we could do cycle detection for the symlinks. do you have any thoughts on how to do this well?

0xToshii avatar Jun 19 '25 03:06 0xToshii

closing this for now, but on our radar. created #4445 to discuss support for symlinks

0xToshii avatar Jun 24 '25 19:06 0xToshii