fix: always rm temp env file even if .zshrc append fails (#1573) (#1586)

Use semicolons instead of && for rm in inject_env_vars, inject_env_vars_sprite,
inject_env_vars_cb, and inject_env_vars_cloud so the temp file containing the
API key is always deleted even if ~/.zshrc doesn't exist or append fails.

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
A 2026-02-21 07:45:55 -08:00 committed by GitHub
parent aa4174db9e
commit ce8b1afdf8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -1309,7 +1309,7 @@ inject_env_vars_ssh() {
# Append to .bashrc and .zshrc only — do NOT write to .profile or .bash_profile
"${upload_func}" "${server_ip}" "${env_temp}" "${temp_remote}"
"${run_func}" "${server_ip}" "cat '${temp_remote}' >> ~/.bashrc && cat '${temp_remote}' >> ~/.zshrc && rm '${temp_remote}'"
"${run_func}" "${server_ip}" "cat '${temp_remote}' >> ~/.bashrc; cat '${temp_remote}' >> ~/.zshrc; rm -f '${temp_remote}'"
# Note: temp file will be cleaned up by trap handler
@ -1342,7 +1342,7 @@ inject_env_vars_local() {
# Append to .bashrc and .zshrc only
"${upload_func}" "${env_temp}" "${temp_remote}"
"${run_func}" "cat '${temp_remote}' >> ~/.bashrc && cat '${temp_remote}' >> ~/.zshrc && rm '${temp_remote}'"
"${run_func}" "cat '${temp_remote}' >> ~/.bashrc; cat '${temp_remote}' >> ~/.zshrc; rm -f '${temp_remote}'"
# Note: temp file will be cleaned up by trap handler
@ -1693,7 +1693,7 @@ inject_env_vars_cb() {
local temp_remote="/tmp/spawn_env_${rand_suffix}"
${upload_cb} "${env_temp}" "${temp_remote}"
${run_cb} "cat '${temp_remote}' >> ~/.bashrc && cat '${temp_remote}' >> ~/.zshrc && rm '${temp_remote}'"
${run_cb} "cat '${temp_remote}' >> ~/.bashrc; cat '${temp_remote}' >> ~/.zshrc; rm -f '${temp_remote}'"
# Offer optional GitHub CLI setup
offer_github_auth "${run_cb}"
@ -1761,7 +1761,7 @@ _spawn_inject_env_vars() {
# Write env vars to ~/.spawnrc instead of inlining into .bashrc/.zshrc.
# Ubuntu's default .bashrc has an interactive-shell guard that exits early —
# anything appended after the guard is never loaded when SSH runs a command string.
cloud_run "cp '${temp_remote}' ~/.spawnrc && chmod 600 ~/.spawnrc && rm '${temp_remote}'"
cloud_run "cp '${temp_remote}' ~/.spawnrc && chmod 600 ~/.spawnrc; rm -f '${temp_remote}'"
# Hook .spawnrc into .bashrc and .zshrc so interactive shells pick up the vars too
cloud_run "grep -q 'source ~/.spawnrc' ~/.bashrc 2>/dev/null || echo '[ -f ~/.spawnrc ] && source ~/.spawnrc' >> ~/.bashrc" || log_warn "Could not hook .spawnrc into .bashrc"
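Review bot: With `;` in place of `&&`, the remote command string now always exits with the status of `rm -f`, so a failed append to ~/.bashrc or ~/.zshrc (and, in the `_spawn_inject_env_vars` hunk, a failed `cp` or `chmod`) is reported to `run_func`, `run_cb` or `cloud_run` as success. The cleanup can stay unconditional while the status is preserved, in all four hunks, e.g. `cat '${temp_remote}' >> ~/.bashrc && cat '${temp_remote}' >> ~/.zshrc; rc=\$?; rm -f '${temp_remote}'; [ \$rc -eq 0 ]`. In the `.spawnrc` hunk the key file is also created by `cp` before `chmod 600` runs, so a newly created ~/.spawnrc briefly carries whatever mode the source file and umask give it; running the copy as `(umask 077; cp '${temp_remote}' ~/.spawnrc)` would close that window. The four function bodies start and end outside the hunks, so whether callers act on the return status, and what mode the upload gives the file under /tmp, cannot be confirmed from here.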