fix(@angular/build): pass process environment variables to prerender workers#32731
Open
alan-agius4 wants to merge 1 commit intoangular:mainfrom
Open
fix(@angular/build): pass process environment variables to prerender workers#32731alan-agius4 wants to merge 1 commit intoangular:mainfrom
alan-agius4 wants to merge 1 commit intoangular:mainfrom
Conversation
alan-agius4
added
the
target: patch
alan-agius4
added
the
action: review
alan-agius4
force-pushed
the
prerender-env
branch
from
275eded to
9d53588
Compare
alan-agius4
changed the title
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request aims to ensure worker processes inherit "process.env" for prerendering and route extraction, making custom environment variables available. However, a significant security vulnerability has been identified: passing the entire "process.env" to worker threads risks exposing sensitive build-time secrets (e.g., API keys, tokens) if they are inadvertently rendered into static HTML files. It is crucial to implement a filtering mechanism to pass only necessary environment variables, adhering to the principle of least privilege.
…workers Worker processes used for prerendering and route extraction now inherit `process.env`. This ensures that any custom environment variables required by the application are available during the server-side rendering process. Closes angular#32730
alan-agius4
force-pushed
the
prerender-env
branch
from
9d53588 to
a138797
Compare
dgp1130
approved these changes
Mar 10, 2026
alan-agius4
added
action: merge
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Worker processes used for prerendering and route extraction now inherit
process.env. This ensures that any custom environment variables required by the application are available during the server-side rendering process.Closes #32730