fix(cli): ensure project .env is sanitized before loading

This commit is contained in:
hharry11 2026-04-22 10:10:46 +03:00 committed by Teknium
parent cf55c738e7
commit 83cb9a03ee
2 changed files with 21 additions and 0 deletions

View file

@ -160,6 +160,8 @@ def load_hermes_dotenv(
# Fix corrupted .env files before python-dotenv parses them (#8908). # Fix corrupted .env files before python-dotenv parses them (#8908).
if user_env.exists(): if user_env.exists():
_sanitize_env_file_if_needed(user_env) _sanitize_env_file_if_needed(user_env)
if project_env_path and project_env_path.exists():
_sanitize_env_file_if_needed(project_env_path)
if user_env.exists(): if user_env.exists():
_load_dotenv_with_fallback(user_env, override=True) _load_dotenv_with_fallback(user_env, override=True)

View file

@ -33,6 +33,25 @@ def test_project_env_overrides_stale_shell_values_when_user_env_missing(tmp_path
assert os.getenv("OPENAI_BASE_URL") == "https://project.example/v1" assert os.getenv("OPENAI_BASE_URL") == "https://project.example/v1"
def test_project_env_is_sanitized_before_loading(tmp_path, monkeypatch):
home = tmp_path / "hermes"
project_env = tmp_path / ".env"
project_env.write_text(
"TELEGRAM_BOT_TOKEN=8356550917:AAGGEkzg06Hrc3Hjb3Sa1jkGVDOdU_lYy2Q"
"ANTHROPIC_API_KEY=sk-ant-test123\n",
encoding="utf-8",
)
monkeypatch.delenv("TELEGRAM_BOT_TOKEN", raising=False)
monkeypatch.delenv("ANTHROPIC_API_KEY", raising=False)
loaded = load_hermes_dotenv(hermes_home=home, project_env=project_env)
assert loaded == [project_env]
assert os.getenv("TELEGRAM_BOT_TOKEN") == "8356550917:AAGGEkzg06Hrc3Hjb3Sa1jkGVDOdU_lYy2Q"
assert os.getenv("ANTHROPIC_API_KEY") == "sk-ant-test123"
def test_user_env_takes_precedence_over_project_env(tmp_path, monkeypatch): def test_user_env_takes_precedence_over_project_env(tmp_path, monkeypatch):
home = tmp_path / "hermes" home = tmp_path / "hermes"
home.mkdir() home.mkdir()