vrr/qwen-code
2
0
Fork 0
mirror of https://github.com/QwenLM/qwen-code.git synced 2026-04-30 04:30:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 24

Fix 1 test and silence CodeQL warning (not introduced by this PR)

Browse source
This commit is contained in:
Alexander Farber 2025-12-12 14:02:50 +01:00
parent a8ccd7b6fb
commit 9adad2f369
No known key found for this signature in database
3 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
packages/cli/src/utils/sandbox.ts
View file

@ -291,6 +291,8 @@ export async function start_sandbox(
sandboxEnv['NO_PROXY'] = noProxy;
sandboxEnv['no_proxy'] = noProxy;
}
// CLI tool intentionally executes user-provided proxy commands
// codeql-disable-next-line js/shell-command-injection-from-environment
proxyProcess = spawn('bash', ['-c', proxyCommand], {
stdio: ['ignore', 'pipe', 'pipe'],
detached: true,
@ -785,6 +787,8 @@ export async function start_sandbox(
const proxyShellArgs = isWindows
? ['/c', proxyContainerCommand]
: ['-c', proxyContainerCommand];
// CLI tool intentionally executes user-provided proxy commands in container
// codeql-disable-next-line js/shell-command-injection-from-environment
proxyProcess = spawn(proxyShell, proxyShellArgs, {
stdio: ['ignore', 'pipe', 'pipe'],
detached: true,