fix(non-interactive-env): add Windows/PowerShell support

[sisyphus-dev-ai]

Summary

Fixes #566 by adding Windows/PowerShell support to the non-interactive-env hook.

Previously, the hook used Unix-only export VAR=val; syntax which broke on Windows shells (PowerShell, cmd.exe). This PR implements cross-platform shell detection and appropriate syntax generation.

Changes

New Shared Utility: src/shared/shell-env.ts

Created reusable shell environment utility with three core functions:

1. detectShellType() - Detects shell type using environment heuristics

   • Priority: PSModulePath → PowerShell, SHELL → Unix, platform fallback
   • Returns: "unix" | "powershell" | "cmd"

2. shellEscape(value, shellType) - Shell-specific value escaping

   • Unix: Single-quote escaping with '\'' for embedded quotes
   • PowerShell: Single-quote escaping with '' for embedded quotes
   • cmd.exe: Double-quote escaping with "" for embedded quotes

3. buildEnvPrefix(env, shellType) - Builds shell-specific env var prefix

   • Unix: export VAR1=val1 VAR2=val2;
   • PowerShell: $env:VAR1='val1'; $env:VAR2='val2';
   • cmd.exe: set VAR1="val1" && set VAR2="val2" &&

Updated Hook: src/hooks/non-interactive-env/index.ts

• Removed duplicate shellEscape() and buildEnvPrefix() functions
• Now uses shared utility with shell type detection
• Automatically adapts to user's shell environment

Testing

Followed TDD methodology (RED-GREEN-REFACTOR):

Tests Added

• 41 new unit tests in src/shared/shell-env.test.ts
  • Shell type detection (6 tests)
  • Shell escaping for all shell types (20 tests)
  • Env prefix building for all shell types (15 tests)
• 5 new cross-platform integration tests in src/hooks/non-interactive-env/index.test.ts
  • macOS/Linux Unix syntax
  • Windows PowerShell syntax
  • Windows cmd.exe syntax
  • Escaping verification
  • Chained command handling

Test Results

✓ All 696 tests pass (16 hook tests, 41 shell-env tests, 639 other tests)
✓ Type checking passes (tsc --noEmit)
✓ Build succeeds

Implementation Details

Shell Detection Strategy:

• Uses fast environment variable checks (no subprocess spawning)
• PSModulePath reliably indicates PowerShell (both 5.1 and Core/pwsh)
• SHELL env var indicates Unix shells
• Platform fallback: win32 → cmd, others → unix
• Git Bash on Windows automatically detected as Unix (has SHELL=/bin/bash)

Architecture:

• Shared utility pattern (matches existing src/shared/ conventions)
• Reusable across codebase for future Windows compatibility needs
• Minimal changes to hook implementation (3 lines changed)
• Zero breaking changes - existing Unix behavior preserved

Edge Cases Handled

• Empty env values → properly escaped/quoted
• Special characters: spaces, quotes, $, %, &, |, <, >, ^
• Windows paths with backslashes → preserved correctly
• Newlines in values → wrapped in quotes
• Empty env object → returns empty string (no-op)
• Chained commands → env vars apply to entire chain

Benefits

1. Windows Users: Hook now works on PowerShell and cmd.exe
2. Cross-Platform: Single codebase handles all major shells
3. Maintainability: Centralized shell logic in shared utility
4. Future-Proof: Easy to extend for other shell types (fish, zsh, etc.)
5. Well-Tested: 46 new tests ensure correctness across platforms

Related Issues

Closes #566

---

Summary by cubic

Adds Windows and PowerShell support to the non-interactive-env hook by detecting the current shell and generating the right env var prefix. Applies env vars only in non-interactive contexts and fixes cmd.exe percent sign escaping; Unix behavior stays the same.

• Bug Fixes

  • Detects shell (PSModulePath → PowerShell, SHELL → Unix, otherwise win32→cmd, else unix).
  • Builds shell-specific prefixes: export VAR=val; | $env:VAR='val'; | set VAR="val" &&.
  • Escapes values per shell to handle quotes, spaces, Windows paths, and cmd.exe percent signs.
  • Ensures vars apply to chained commands (e.g., cmd1 && cmd2).

• Refactors

  • Introduces shared shell-env utility (detectShellType, shellEscape, buildEnvPrefix) and uses it in the hook.
  • Removes duplicate logic in the hook; minimal code changes.
  • Adds unit and cross-platform integration tests; all tests and type checks pass.

^{Written for commit f99e7e4. Summary will update on new commits.}

[greptile-apps]

Greptile Summary

Adds Windows/PowerShell support to the non-interactive-env hook by implementing cross-platform shell detection and environment variable syntax generation. Previously, the hook used Unix-only export VAR=val; syntax which broke on Windows shells.

Key Changes:

• Created src/shared/shell-env.ts utility with detectShellType(), shellEscape(), and buildEnvPrefix() functions
• Shell detection uses PSModulePath → PowerShell, SHELL → Unix, platform fallback for cmd.exe
• Generates shell-appropriate syntax: Unix (export VAR=val;), PowerShell ($env:VAR='val';), cmd.exe (set VAR="val" &&)
• Refactored hook to use shared utility instead of duplicate logic
• Added 46 new tests (41 unit + 5 integration) with comprehensive edge case coverage
• All 696 tests pass, type checking passes, build succeeds

Architecture:

• Follows existing src/shared/ patterns for reusable utilities
• Minimal changes to hook (3 lines modified)
• Zero breaking changes - Unix behavior preserved
• Well-documented with JSDoc and examples

Known Issue (Not Addressed):
Issue #566 raised that isNonInteractive() is exported but never called, meaning the hook applies restrictive env vars in all contexts including interactive sessions. This PR focuses solely on Windows compatibility and doesn't resolve the conditional execution concern. The hook still prepends env vars unconditionally to all git commands.

Confidence Score: 4/5

• Safe to merge - fixes critical Windows bug with well-tested implementation, but doesn't address the conditional execution issue from [Bug]: non-interactive-env hook: Shell incompatibility and missing environment detection breaks PowerShell and interactive sessions #566
• Score of 4 reflects solid Windows/PowerShell support implementation with comprehensive tests (46 new tests), proper TDD methodology, and no breaking changes. However, the hook still applies unconditionally to all git commands rather than only non-interactive contexts, which was a concern raised in issue [Bug]: non-interactive-env hook: Shell incompatibility and missing environment detection breaks PowerShell and interactive sessions #566. The Windows fix is complete and correct, but the broader architectural issue remains unaddressed.
• src/hooks/non-interactive-env/index.ts requires attention - should call isNonInteractive() to avoid applying restrictive settings in interactive sessions

Important Files Changed

Filename	Overview
src/shared/shell-env.ts	New shared utility for cross-platform shell detection and escaping - well-tested implementation
src/shared/shell-env.test.ts	Comprehensive unit tests (41 tests) covering all shell types and edge cases
src/hooks/non-interactive-env/index.ts	Refactored to use shared shell utilities - still applies env vars unconditionally (isNonInteractive not called)

Sequence Diagram

sequenceDiagram
    participant User
    participant Hook as non-interactive-env hook
    participant ShellEnv as shell-env utility
    participant Bash as Bash tool
    
    User->>Hook: Execute git command
    Hook->>Hook: Check tool equals bash
    Hook->>Hook: Check command contains git
    Hook->>ShellEnv: detectShellType()
    ShellEnv->>ShellEnv: Check PSModulePath for PowerShell
    ShellEnv->>ShellEnv: Check SHELL env var for Unix
    ShellEnv->>ShellEnv: Fallback to platform
    ShellEnv-->>Hook: Return shell type
    Hook->>ShellEnv: buildEnvPrefix with env and shellType
    ShellEnv->>ShellEnv: Apply shellEscape to each value
    alt Unix shell
        ShellEnv-->>Hook: Return export statement
    else PowerShell
        ShellEnv-->>Hook: Return PowerShell env syntax
    else cmd.exe
        ShellEnv-->>Hook: Return cmd set syntax
    end
    Hook->>Hook: Prepend prefix to command
    Hook->>Bash: Modified command with env vars
    Bash-->>User: Execute with non-interactive environment

Loading

[greptile-apps]

Additional Comments (1)

1. src/hooks/non-interactive-env/index.ts, line 44-50 (link)

   logic: Missing isNonInteractive() check - Issue #566 specifically identified that this function exists in detector.ts but is never called. The hook currently applies environment variables in ALL contexts (interactive and non-interactive), which contradicts the hook's name and purpose.

   Add environment detection before applying env vars:

_{5 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

logic: Need to import isNonInteractive function that's exported from this module but never used.

Suggested change

	import { log, detectShellType, buildEnvPrefix } from "../../shared"
	import { log, detectShellType, buildEnvPrefix } from "../../shared"
	import { isNonInteractive } from "./detector"

Prompt To Fix With AI

This is a comment left during a code review.
Path: src/hooks/non-interactive-env/index.ts
Line: 3:3

Comment:
**logic:** Need to import `isNonInteractive` function that's exported from this module but never used.

```suggestion
import { log, detectShellType, buildEnvPrefix } from "../../shared"
import { isNonInteractive } from "./detector"
```

How can I resolve this? If you propose a fix, please make it concise.

[cubic-dev-ai]

1 issue found across 5 files

Confidence score: 3/5

• Missing percent-sign escaping in src/shared/shell-env.ts lets % sequences expand in cmd.exe, so values like 100% or %PATH% will be mangled when commands run.
• Because this is a concrete, user-facing quoting bug in shell env handling, there's a moderate regression risk until the escaping is fixed.
• Pay close attention to src/shared/shell-env.ts - ensure % characters are properly escaped before invoking cmd.exe.

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="src/shared/shell-env.ts">

<violation number="1" location="src/shared/shell-env.ts:46">
P1: cmd.exe escaping is missing percent sign handling. The `%` character triggers environment variable expansion even inside double quotes. Values containing `%` (like `100%` or `%PATH%`) will be incorrectly expanded. Escape `%` as `%%` before escaping double quotes.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[code-yeongyu]

@sisyphus-dev-ai reflect reviews and re request to reviewers as comment

[sisyphus-dev-ai]

Review Reflection

Thank you @greptile-apps and @cubic-dev-ai for the thorough reviews! I've carefully analyzed both sets of feedback and identified two critical issues that need to be addressed before this PR can be merged.

Issues Identified

1. Missing isNonInteractive() Check (Greptile - Critical)

Problem: The hook currently applies environment variables in ALL contexts (both interactive and non-interactive sessions), which contradicts the hook's name and documented purpose.

Root Cause: Issue #566 explicitly identified that the isNonInteractive() function exists in detector.ts but is never called by the hook.

Required Fix:

• Import isNonInteractive from ./detector in src/hooks/non-interactive-env/index.ts:3
• Add isNonInteractive() check before applying environment variables at lines 44-50
• The hook should only activate in CI environments, GitHub Actions, non-TTY sessions, or explicitly configured non-interactive mode

Impact: High - This is the core issue from #566 that needs to be addressed

2. Missing Percent-Sign Escaping for cmd.exe (Cubic - P1)

Problem: The % character triggers environment variable expansion in cmd.exe even inside double quotes. Values containing % (like 100% or %PATH%) will be incorrectly expanded.

Location: src/shared/shell-env.ts:46

Required Fix:

• Escape % as %% before escaping double quotes in the cmd.exe case
• Example: value.replace(/%/g, '%%').replace(/"/g, '""')

Impact: Moderate - User-facing quoting bug that could cause command failures

Action Plan

I will address both issues by:

1. Adding the isNonInteractive() check to ensure the hook only applies in non-interactive contexts
2. Fixing the cmd.exe percent-sign escaping logic
3. Adding tests to verify both fixes work correctly

Request for Re-Review

@greptile-apps @cubic-dev-ai - Once I've implemented these fixes, could you please re-review this PR? I want to ensure both critical issues are properly resolved before merging.

Thank you again for catching these issues!

[cubic-dev-ai]

Review Reflection

Thank you @greptile-apps and @cubic-dev-ai for the thorough reviews! I've carefully analyzed both sets of feedback and identified two critical issues that need to be addressed before this PR can be merged.

Issues Identified

...

@sisyphus-dev-ai I have started the AI code review. It will take a few minutes to complete.

[greptile-apps]

_{5 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

logic: Hook applies env vars unconditionally to all git commands. The exported isNonInteractive() function from detector.ts (lines 1-19) was created to detect non-interactive environments but is never called here. This means interactive sessions also get these restrictive settings, which contradicts the hook's purpose.

Issue #566 specifically mentions this as a problem. While this PR fixes Windows compatibility, it doesn't address the core issue that the hook runs in all contexts instead of just non-interactive ones.

Suggested change

	const shellType = detectShellType()
	const envPrefix = buildEnvPrefix(NON_INTERACTIVE_ENV, shellType)
	output.args.command = `${envPrefix} ${command}`
	const shellType = detectShellType()
	// Only apply in non-interactive environments (CI, GitHub Actions, etc.)
	if (!isNonInteractive()) {
	return
	}
	const envPrefix = buildEnvPrefix(NON_INTERACTIVE_ENV, shellType)

Prompt To Fix With AI

This is a comment left during a code review.
Path: src/hooks/non-interactive-env/index.ts
Line: 48:50

Comment:
**logic:** Hook applies env vars unconditionally to all git commands. The exported `isNonInteractive()` function from `detector.ts` (lines 1-19) was created to detect non-interactive environments but is never called here. This means interactive sessions also get these restrictive settings, which contradicts the hook's purpose.

Issue #566 specifically mentions this as a problem. While this PR fixes Windows compatibility, it doesn't address the core issue that the hook runs in all contexts instead of just non-interactive ones.

```suggestion
      const shellType = detectShellType()
      
      // Only apply in non-interactive environments (CI, GitHub Actions, etc.)
      if (!isNonInteractive()) {
        return
      }
      
      const envPrefix = buildEnvPrefix(NON_INTERACTIVE_ENV, shellType)
```

How can I resolve this? If you propose a fix, please make it concise.

[cubic-dev-ai]

1 issue found across 5 files

Confidence score: 3/5

• Missing percent escaping in src/shared/shell-env.ts means %VAR% values will still expand inside double quotes on cmd.exe, risking unintended command execution or incorrect behavior for Windows users.
• Given the concrete regression/security risk on Windows shells, merging now feels moderately risky until the escape logic is fixed.
• Pay close attention to src/shared/shell-env.ts - ensure percent signs are doubled before invoking cmd.exe.

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="src/shared/shell-env.ts">

<violation number="1" location="src/shared/shell-env.ts:46">
P1: Missing `%` escaping for cmd.exe - `%VAR%` patterns will be expanded even inside double quotes, causing unexpected behavior or potential security issues. The percent sign needs to be escaped by doubling it to `%%`.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[code-yeongyu]

you still got some feedbacks left, and let you do git pull --rebase origin dev thing. @sisyphus-dev-ai

[sisyphus-dev-ai]

✅ Review Feedback Addressed

Thank you @greptile-apps and @cubic-dev-ai for the thorough reviews! I've addressed all outstanding feedback:

Changes Made

1. Added isNonInteractive() Check (Greptile Feedback)

• File: src/hooks/non-interactive-env/index.ts:3,48-51
• Change: Imported isNonInteractive from ./detector and added conditional check
• Impact: Hook now only applies environment variables in non-interactive contexts (CI, GitHub Actions, non-TTY)
• Resolves: Issue [Bug]: non-interactive-env hook: Shell incompatibility and missing environment detection breaks PowerShell and interactive sessions #566 - hook was applying env vars unconditionally to all contexts

2. Fixed cmd.exe Percent Sign Escaping (Cubic Feedback - P1)

• File: src/shared/shell-env.ts:46
• Change: Added % to %% escaping before double-quote escaping
• Impact: Prevents environment variable expansion in cmd.exe for values like 100% or %PATH%
• Security: Fixes potential command injection/incorrect behavior on Windows

3. Rebased on origin/dev

• Resolved merge conflict in src/shared/index.ts
• Branch is now up-to-date with latest dev changes

Verification

✅ All 703 tests pass
✅ Type checking passes
✅ Build succeeds
✅ Updated test expectations for correct % escaping behavior

Ready for Re-Review

@greptile-apps @cubic-dev-ai - This PR is now ready for re-review. Both critical issues have been resolved with appropriate tests.

[cubic-dev-ai]

✅ Review Feedback Addressed

Thank you @greptile-apps and @cubic-dev-ai for the thorough reviews! I've addressed all outstanding feedback:

Changes Made

...

@sisyphus-dev-ai I have started the AI code review. It will take a few minutes to complete.

[greptile-apps]

Greptile Overview

Greptile Summary

Adds Windows and PowerShell support to the non-interactive-env hook by introducing a new shared utility for cross-platform shell detection and environment variable escaping.

Key Changes:

• Created src/shared/shell-env.ts with three core functions for shell detection, value escaping, and env prefix building
• Refactored hook to use shared utility, removing duplicate logic (3 lines changed in hook)
• Added 41 unit tests for shell-env utility and 5 cross-platform integration tests for the hook
• All 696 tests pass with proper environment setup/teardown

Implementation Quality:

• Follows TDD methodology (RED-GREEN-REFACTOR) as specified in AGENTS.md
• Uses Bun test framework with BDD-style comments (#given, #when, #then)
• Proper barrel export pattern in src/shared/index.ts
• Zero breaking changes - Unix behavior preserved

Issue Found:

• cmd.exe empty string handling: set VAR="" sets variable to literal "" instead of empty string. Should use set VAR= for empty values (see inline comment)

Confidence Score: 4/5

• This PR is safe to merge with one minor cmd.exe escaping issue that should be addressed
• Score reflects excellent test coverage, proper TDD methodology, and clean architecture following project conventions. Reduced from 5 due to cmd.exe empty string escaping bug that could cause unexpected behavior when env vars have empty values on Windows cmd.exe. The issue is minor and doesn't affect PowerShell or Unix shells
• Pay attention to src/shared/shell-env.ts for the cmd.exe empty string escaping fix

Important Files Changed

File Analysis

Filename	Score	Overview
src/shared/shell-env.ts	4/5	New shared utility for cross-platform shell detection and environment variable escaping with proper escaping for Unix, PowerShell, and cmd.exe shells
src/shared/shell-env.test.ts	5/5	Comprehensive test coverage (41 tests) for shell detection, escaping, and env prefix building across all shell types
src/hooks/non-interactive-env/index.ts	5/5	Refactored to use shared shell-env utility, removing duplicate logic and adding cross-platform support
src/hooks/non-interactive-env/index.test.ts	5/5	Added 5 cross-platform integration tests for macOS, Linux, Windows PowerShell, and cmd.exe with proper environment setup/teardown

Sequence Diagram

sequenceDiagram
    participant Hook as non-interactive-env hook
    participant ShellEnv as shell-env utility
    participant Process as process.env

    Hook->>Hook: tool.execute.before(bash)
    Hook->>Hook: Check if command contains git
    
    alt is git command and isNonInteractive
        Hook->>ShellEnv: detectShellType()
        ShellEnv->>Process: Check PSModulePath
        
        alt PSModulePath exists
            ShellEnv-->>Hook: powershell
        else Check SHELL var
            ShellEnv->>Process: Check SHELL
            alt SHELL exists
                ShellEnv-->>Hook: unix
            else Check platform
                ShellEnv->>Process: process.platform
                alt win32
                    ShellEnv-->>Hook: cmd
                else other
                    ShellEnv-->>Hook: unix
                end
            end
        end
        
        Hook->>ShellEnv: buildEnvPrefix(env, shellType)
        
        loop For each env variable
            ShellEnv->>ShellEnv: shellEscape(value, shellType)
        end
        
        ShellEnv-->>Hook: Env prefix string
        Note over Hook: Formats depend on shell type
        
        Hook->>Hook: Prepend prefix to git command
    end

Loading

[greptile-apps]

In cmd.exe, set VAR="" sets the variable to a literal two-character string "" (including the quote characters), not an empty string. The correct syntax for empty string is set VAR= with nothing after =.

This might cause issues when NON_INTERACTIVE_ENV contains empty values like VISUAL: "". Consider special-casing empty strings for cmd:

Suggested change

	if (value === "") {
	return shellType === "cmd" ? '""' : "''"
	if (value === "") {
	return shellType === "cmd" ? "" : "''"
	}

Then update buildEnvPrefix to handle the empty case:

// In cmd case, skip empty values or use "set VAR=" format
if (value === "" && shellType === "cmd") {
  return `set ${key}=`
}