From 6bfde3beab281a548390f157a698ed7c32e46533 Mon Sep 17 00:00:00 2001
From: Eyal Sharon <eyal.s@qodo.ai>
Date: Tue, 21 Oct 2025 21:25:44 +0300
Subject: [PATCH] Apply repo settings: Disable loading env files as well as
 merging from other sources.

---
 pr_agent/git_providers/utils.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/pr_agent/git_providers/utils.py b/pr_agent/git_providers/utils.py
index 0cfbe116..98922685 100644
--- a/pr_agent/git_providers/utils.py
+++ b/pr_agent/git_providers/utils.py
@@ -35,8 +35,22 @@ def apply_repo_settings(pr_url):
                 try:
                     fd, repo_settings_file = tempfile.mkstemp(suffix='.toml')
                     os.write(fd, repo_settings)
-                    new_settings = Dynaconf(settings_files=[repo_settings_file])
+
+                    try:
+                        new_settings = Dynaconf(settings_files=[repo_settings_file],
+                                                # Disable all dynamic loading features
+                                                load_dotenv=False,  # Don't load .env files
+                                                merge_enabled=False,  # Don't allow merging from other sources
+                                                )
+                    except TypeError:
+                        # Fallback for older Dynaconf versions that don't support these parameters
+                        new_settings = Dynaconf(settings_files=[repo_settings_file])
+
                     for section, contents in new_settings.as_dict().items():
+                        if not contents:
+                            # Skip excluded items, such as forbidden to load env.
+                            get_logger().debug(f"Skipping a section: {section} which is not allowed")
+                            continue
                         section_dict = copy.deepcopy(get_settings().as_dict().get(section, {}))
                         for key, value in contents.items():
                             section_dict[key] = value