fix: display reason for git failures#1201
Conversation
🦋 Changeset detectedLatest commit: b541208 The changes in this PR will be included in the next version bump. This PR includes changesets to release 2 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Package ArtifactsBuilt from f4a0e44. Download artifacts from this workflow run. JS SDK ( npm install ./e2b-2.14.2-git-permissions-error-fix.0.tgzCLI ( npm install ./e2b-cli-2.8.2-git-permissions-error-fix.0.tgzPython SDK ( pip install ./e2b-2.15.2+git.permissions.error.fix-py3-none-any.whl |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: SSH password auth errors no longer caught as auth failures
- Reintroduced a generic SSH auth snippet (
permission denied () in both SDK auth detectors and added password-mode regression tests soPermission denied (password).maps to GitAuth errors again.
- Reintroduced a generic SSH auth snippet (
Or push these changes by commenting:
@cursor push e6ee397959
Preview (e6ee397959)
diff --git a/packages/js-sdk/src/sandbox/git/utils.ts b/packages/js-sdk/src/sandbox/git/utils.ts
--- a/packages/js-sdk/src/sandbox/git/utils.ts
+++ b/packages/js-sdk/src/sandbox/git/utils.ts
@@ -516,6 +516,7 @@
'terminal prompts disabled',
'could not read username',
'invalid username or password',
+ 'permission denied (',
'permission denied (publickey',
'permission denied (keyboard-interactive',
'permission to ',
diff --git a/packages/js-sdk/tests/sandbox/git/authDetection.test.ts b/packages/js-sdk/tests/sandbox/git/authDetection.test.ts
--- a/packages/js-sdk/tests/sandbox/git/authDetection.test.ts
+++ b/packages/js-sdk/tests/sandbox/git/authDetection.test.ts
@@ -46,6 +46,17 @@
expect(isAuthFailure(err)).toBe(true)
})
+ test('classifies ssh password failures as auth failures', () => {
+ const err = new CommandExitError({
+ exitCode: 128,
+ error: 'git@github.com: Permission denied (password).',
+ stdout: '',
+ stderr: 'git@github.com: Permission denied (password).',
+ })
+
+ expect(isAuthFailure(err)).toBe(true)
+ })
+
test('clone raises GitPermissionError for path permission failures', async () => {
const err = createFilesystemPermissionError(
"fatal: could not create work tree dir '/home/workspace': Permission denied"
diff --git a/packages/python-sdk/e2b/sandbox/_git/auth.py b/packages/python-sdk/e2b/sandbox/_git/auth.py
--- a/packages/python-sdk/e2b/sandbox/_git/auth.py
+++ b/packages/python-sdk/e2b/sandbox/_git/auth.py
@@ -67,6 +67,7 @@
"terminal prompts disabled",
"could not read username",
"invalid username or password",
+ "permission denied (",
"permission denied (publickey",
"permission denied (keyboard-interactive",
"permission to ",
diff --git a/packages/python-sdk/tests/shared/git/test_auth.py b/packages/python-sdk/tests/shared/git/test_auth.py
--- a/packages/python-sdk/tests/shared/git/test_auth.py
+++ b/packages/python-sdk/tests/shared/git/test_auth.py
@@ -39,6 +39,12 @@
assert is_auth_failure(err) is True
+def test_is_auth_failure_detects_ssh_password_errors():
+ err = _command_exit("git@github.com: Permission denied (password).")
+
+ assert is_auth_failure(err) is True
+
+
class FailingCommands:
def __init__(self, err: CommandExitException):
self.err = errThis Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.
| 'permission denied (publickey', | ||
| 'permission denied (keyboard-interactive', | ||
| 'permission to ', | ||
| 'requested url returned error: 403', |
There was a problem hiding this comment.
SSH password auth errors no longer caught as auth failures
Medium Severity
Removing the generic 'permission denied' from isAuthFailure and only adding 'permission denied (publickey' and 'permission denied (keyboard-interactive' creates a gap for SSH errors with other auth methods. An error like "Permission denied (password)." matches neither isAuthFailure (no specific SSH method pattern) nor isPermissionFailure (no filesystem context), so it falls through as a generic error instead of being classified as a GitAuthError. This is a regression for servers using password or GSSAPI SSH authentication.
Additional Locations (1)
Applied via @cursor push command
2 participants
Note
Medium Risk
Changes git error classification and introduces new
GitPermission*exceptions in both JS and Python SDKs, which can affect downstream error handling and may be a minor breaking behavioral change. Scope is limited to git clone/push/pull failure parsing and messaging.Overview
Improves git failure reporting by separating filesystem write/permission errors from authentication errors.
Adds
GitPermissionError(JS) /GitPermissionException(Python) and updatesclone,push, andpullto detect common non-auth permission scenarios (e.g. read-only FS,.git/*.lock, worktree creation) and throw the new error with a clearer remediation message. Auth detection is tightened to treat SSH publickey/403-style failures as auth errors while avoiding genericpermission deniedmatches, and new unit tests cover the new classification.Written by Cursor Bugbot for commit 615dea7. This will update automatically on new commits. Configure here.