feat(sandbox-ssh-fix): add plugin to fix git-over-SSH in macOS sandbox#59
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (7)
✅ Files skipped from review due to trivial changes (3)
🚧 Files skipped from review as they are similar to previous changes (4)
📝 WalkthroughWalkthroughAdds a new ChangesSandbox SSH fix plugin
Sequence Diagram(s)sequenceDiagram
participant SessionStartHook
participant FixGitSshScript
participant ClaudeEnvFile
SessionStartHook->>FixGitSshScript: runs ${CLAUDE_PLUGIN_ROOT}/scripts/fix-git-ssh.sh
FixGitSshScript->>FixGitSshScript: checks SANDBOX_RUNTIME, GIT_SSH_COMMAND, ALL_PROXY, CLAUDE_ENV_FILE
alt ncat is available
FixGitSshScript->>ClaudeEnvFile: append export GIT_SSH_COMMAND with ProxyCommand using ncat
else ncat is missing
FixGitSshScript->>ClaudeEnvFile: append export GIT_SSH_COMMAND=ssh
end
FixGitSshScript->>ClaudeEnvFile: append SessionStart success message
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@sandbox-ssh-fix/scripts/fix-git-ssh.sh`:
- Around line 25-27: The ncat fallback in fix-git-ssh.sh currently writes a
plain GIT_SSH_COMMAND=ssh, which drops the no-mux SSH options and can still
break in the sandbox. Update the fallback branch in the script’s SSH command
setup so it preserves the existing no-multiplexing settings from the main path,
including ControlMaster=no and ControlPath=none, while still bypassing the
SOCKS5 proxy when ncat is unavailable.
- Around line 22-23: The exported GIT_SSH_COMMAND in fix-git-ssh.sh is being
written with broken shell quoting because ssh_cmd already contains single quotes
around ProxyCommand. Update the env-file write in the script to use shell-safe
escaping when appending to CLAUDE_ENV_FILE, keeping the existing ssh_cmd
construction intact and changing only how the export line is emitted.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: e62d016c-704b-47d8-b1c2-654aea979369
📒 Files selected for processing (7)
.claude-plugin/marketplace.jsonREADME.mdsandbox-ssh-fix/.claude-plugin/plugin.jsonsandbox-ssh-fix/CLAUDE.mdsandbox-ssh-fix/README.mdsandbox-ssh-fix/hooks/hooks.jsonsandbox-ssh-fix/scripts/fix-git-ssh.sh
There was a problem hiding this comment.
Pull request overview
This PR adds a new sandbox-ssh-fix plugin to the marketplace that works around an upstream Claude Code bug (anthropics/claude-code#70684) where the macOS sandbox injects a GIT_SSH_COMMAND using BSD nc -X 5 for SOCKS5 proxying, which breaks git-over-SSH because macOS nc lacks SOCKS5 authentication. A SessionStart hook detects the broken pattern and rewrites GIT_SSH_COMMAND to use ncat (with credentials parsed from ALL_PROXY), falling back to plain ssh when ncat is absent. It fits the repo's flat, per-plugin marketplace structure and follows the existing SessionStart-hook pattern used by the git plugin.
Changes:
- New
sandbox-ssh-fixplugin:plugin.json,hooks/hooks.json,scripts/fix-git-ssh.sh,README.md,CLAUDE.md. - Registered the plugin in
.claude-plugin/marketplace.json(strict) and the rootREADME.mdplugin table. - The hook gates on
SANDBOX_RUNTIME, the brokennc -X 5pattern,ALL_PROXYcredentials, andCLAUDE_ENV_FILEbefore writing the override.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| sandbox-ssh-fix/scripts/fix-git-ssh.sh | Core hook script; constructs and exports the corrected GIT_SSH_COMMAND (has a quoting bug). |
| sandbox-ssh-fix/hooks/hooks.json | Registers the SessionStart hook pointing at the script. |
| sandbox-ssh-fix/.claude-plugin/plugin.json | Plugin manifest (name, version, description, author, keywords). |
| sandbox-ssh-fix/README.md | User-facing documentation of the problem, behavior, and prerequisites. |
| sandbox-ssh-fix/CLAUDE.md | Internal notes on detection logic and design rationale. |
| .claude-plugin/marketplace.json | Adds the plugin to the marketplace manifest. |
| README.md | Adds the plugin to the Available Plugins table. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
The Claude Code sandbox injects GIT_SSH_COMMAND with BSD nc for SOCKS5 proxying, but nc on macOS doesn't support SOCKS5 auth. This plugin detects the broken pattern and replaces it with ncat or falls back to plain ssh. Workaround for anthropics/claude-code#70684 Assisted-by: Claude:claude-opus-4-6
2467d35 to
acb1118
Compare
|
@CodeRabbit review |
✅ Action performedReview finished.
|
Summary
sandbox-ssh-fixplugin that works around anthropics/claude-code#70684GIT_SSH_COMMANDwith BSDnc -X 5for SOCKS5 proxying, butncon macOS doesn't support SOCKS5 authentication — breaking all git-over-SSH operationsncat --proxy-type socks5 --proxy-auth(or falls back to plainsshifncatis unavailable)Test plan
GIT_SSH_COMMANDis overriddengit fetch --dry-run -vto confirm git-over-SSH worksSANDBOX_RUNTIMEunset)ncatis not installedSummary by CodeRabbit
sandbox-ssh-fixplugin for Claude Code on macOS to address broken Git-over-SSH proxying in the sandbox.