fix(core): add explicit git identity env vars to prevent sandbox checkpointing error

[mrpmohiburrahman]

Summary

When both Docker sandbox and checkpointing are enabled, the shadow git repository fails to initialize with Author identity unknown error because the .gitconfig file may not be picked up properly inside the Docker container. This PR adds explicit GIT_AUTHOR_* and GIT_COMMITTER_* environment variables to getShadowRepoEnv() as a defense-in-depth fix, since these env vars have the highest priority in git's identity resolution chain.

Details

The shadow git repo already writes a .gitconfig with author identity and points to it via GIT_CONFIG_GLOBAL. However, in Docker sandbox environments, this config file may not be readable due to volume mount timing, permissions, or other container-specific issues.

This PR:

• Adds GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME, and GIT_COMMITTER_EMAIL to the env vars passed to simple-git, ensuring identity is always available regardless of config file accessibility.
• Extracts hardcoded author name/email strings into exported constants (SHADOW_REPO_AUTHOR_NAME, SHADOW_REPO_AUTHOR_EMAIL) for DRY consistency between getShadowRepoEnv() and the .gitconfig content.
• Updates unit tests to verify the new env vars are set and to use the shared constants.

Related Issues

Fixes #14646

How to Validate

1. Run the unit tests:

   npm test -w @google/gemini-cli-core -- src/services/gitService.test.ts

   All 19 tests should pass, including should configure git environment to use local gitconfig which verifies the new env vars.

2. Manual validation (requires Docker sandbox):

   • Create a fresh directory with .gemini/settings.json:

     {
       "general": { "checkpointing": { "enabled": true } },
       "tools": { "sandbox": "docker" }
     }

   • Run gemini — it should start without the Author identity unknown error.

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Summary of Changes

Hello @mrpmohiburrahman, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves an 'Author identity unknown' error encountered when the Gemini CLI operates within a Docker sandbox with checkpointing enabled. The issue arose because the .gitconfig file was not reliably accessible in containerized environments. The solution involves explicitly setting Git author and committer identity environment variables within the shadow Git repository's environment, guaranteeing that identity information is always provided regardless of .gitconfig file accessibility.

Highlights

• Explicit Git Identity Environment Variables: Explicitly configured GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME, and GIT_COMMITTER_EMAIL environment variables for the shadow Git repository to prevent 'Author identity unknown' errors in sandboxed environments.
• Extracted Author Constants: Extracted hardcoded Git author and committer details into new, exported constants (SHADOW_REPO_AUTHOR_NAME, SHADOW_REPO_AUTHOR_EMAIL) for improved consistency and maintainability across the codebase.
• Updated Unit Tests: Updated unit tests to validate the correct setting of these new environment variables and to utilize the newly defined constants, ensuring the fix behaves as expected.

Changelog

• packages/core/src/services/gitService.test.ts
  • Imported SHADOW_REPO_AUTHOR_NAME and SHADOW_REPO_AUTHOR_EMAIL constants.
  • Modified the expected git config content to use the new author constants.
  • Added assertions to verify that GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME, and GIT_COMMITTER_EMAIL environment variables are correctly set.
• packages/core/src/services/gitService.ts
  • Exported SHADOW_REPO_AUTHOR_NAME and SHADOW_REPO_AUTHOR_EMAIL constants.
  • Added GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME, and GIT_COMMITTER_EMAIL to the environment variables returned by getShadowRepoEnv.
  • Updated the gitConfigContent string to use the new author constants.

Activity

• Updated relevant documentation and README.
• Added and updated tests to cover the changes.
• Validated the changes on MacOS using npm run.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request provides a robust fix for a git identity issue that occurs in sandboxed environments like Docker. By explicitly setting the GIT_AUTHOR_* and GIT_COMMITTER_* environment variables, the change ensures that git operations within the shadow repository do not fail due to an unknown author identity. The implementation is clean, extracting hardcoded values into constants for better maintainability and updating the corresponding tests to verify the new behavior. The changes are correct and effectively address the issue.

[DavidAPierce]

LGTM.

I ran an additional CLI review as well:
This PR provides a defense-in-depth fix for "Author identity unknown" errors that occur when using the Docker sandbox with checkpointing enabled. It ensures that the Git identity is always available to the "shadow
repository" by explicitly setting environment variables, which override any filesystem-based configuration issues in sandboxed environments.

Analysis

• Correctness: The PR correctly implements Git identity resolution using GIT_AUTHOR_NAME, GIT_AUTHOR_EMAIL, GIT_COMMITTER_NAME, and GIT_COMMITTER_EMAIL. These environment variables have the highest priority in Git's
  configuration chain.
• Robustness: By moving from a file-only configuration (.gitconfig) to explicit environment variables, the system becomes much more resilient to volume mount delays or permission issues common in Docker/Podman.
• Maintainability: The introduction of exported constants (SHADOW_REPO_AUTHOR_NAME and SHADOW_REPO_AUTHOR_EMAIL) is a good practice that ensures consistency between the generated config file and the environment
  variables.
• Testability: The GitService unit tests were updated to verify that these environment variables are correctly injected into the Git execution environment.

Verification Results
I manually applied the PR's changes and ran the relevant verification suite:

• Unit Tests: All 19 tests in gitService.test.ts passed successfully.
• Build: The @google/gemini-cli-core package builds correctly with no TypeScript errors.

Recommendation
Approved. The changes are surgical, well-reasoned, and follow the project's established patterns for handling sandboxed environments.