From 1a51adb0a51225ef8b6fd7d84a985feb3c57008a Mon Sep 17 00:00:00 2001
From: ezl-keygraph <ezhil@keygraph.io>
Date: Wed, 11 Feb 2026 00:26:48 +0530
Subject: [PATCH] fix: prevent deliverables from being lost during agent retry
 rollbacks (#112)

Deliverables saved by agents were never committed to git because
git identity was not configured in the Docker container. This left
them as untracked files, which git clean -fd destroyed whenever
another agent's retry triggered a workspace rollback. Moves git
config after ENV HOME=/tmp so the config is written to /tmp/.gitconfig
where git actually looks at runtime.
---
 Dockerfile | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9e7e6f2..bcfb23c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -139,9 +139,6 @@ RUN mkdir -p /app/sessions /app/deliverables /app/repos /app/configs && \
 # Switch to non-root user
 USER pentest
 
-# Configure Git to trust all directories
-RUN git config --global --add safe.directory '*'
-
 # Set environment variables
 ENV NODE_ENV=production
 ENV PATH="/usr/local/bin:$PATH"
@@ -153,5 +150,10 @@ ENV HOME=/tmp
 ENV XDG_CACHE_HOME=/tmp/.cache
 ENV XDG_CONFIG_HOME=/tmp/.config
 
+# Configure Git identity and trust all directories
+RUN git config --global user.email "agent@localhost" && \
+    git config --global user.name "Pentest Agent" && \
+    git config --global --add safe.directory '*'
+
 # Set entrypoint
 ENTRYPOINT ["node", "dist/shannon.js"]