mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-07 09:10:55 +00:00
* fix: Daytona SSH gateway compatibility — resource overrides, base64 uploads, connection throttling

  Daytona's SSH gateway has several limitations that caused hangs and failures:

  1. **Resource overrides require image-based creation**: Snapshot-based sandboxes reject cpu/memory/disk fields. Use buildInfo.dockerfileContent (FROM image) to switch to image-based creation, which unlocks resource overrides. Default: 2 vCPU, 4 GiB RAM, 30 GiB disk (configurable via env vars).
  2. **SCP/SFTP not supported**: Gateway returns HTTP 404 for SCP subsystem. Upload files via base64-encoded SSH command channel instead.
  3. **Connection limit (~10-15 per token)**: Consolidated wait_for_cloud_init from 6 SSH calls into 1. Added 1s sleep between SSH operations to let the gateway release connection slots.
  4. **Port flag incompatibility**: Changed -p PORT to -o Port=PORT so the port works for both ssh and scp (scp interprets -p as preserve timestamps).
  5. **install_claude_code improvements**: Added npm as install method (most reliable for global installs), added .npm-global/bin to PATH.

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: address security review — escape remote_path, validate image name

  - upload_file: escape single quotes in remote_path before embedding in the SSH command string (b64 content is inherently safe — base64 alphabet is [A-Za-z0-9+/=] only, no shell metacharacters)
  - create_sandbox: validate DAYTONA_IMAGE against [a-zA-Z0-9./:_-] to reject malformed image names before sending to the API

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: harden upload_file() — validate base64 + use printf %q for paths

  Address security review feedback on PR #1517:

  CRITICAL: Add explicit base64 alphabet validation before embedding encoded content in SSH command string. While base64 output is inherently safe ([A-Za-z0-9+/=]), the validation guards against corrupted/unexpected encoder output.

  MEDIUM: Replace manual single-quote escaping for remote_path with printf %q, which is the standard shell-safe escaping mechanism and handles all special characters including path traversal attempts.

  Tests: 110/110 pass, bash -n clean.

  Agent: pr-maintainer

  Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
||
|---|---|---|
| common.sh | ||
| github-auth.sh | ||
| key-request.sh | ||
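
The upload path the commit message describes (base64 over the SSH command channel, with alphabet validation and a shell-quoted destination), as an added example that is not code from the spawn repository. The function names, the separate `..` check and the local `sh -c` stand-in for the SSH hop are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not code from the repository. Function names are hypothetical.

# Succeeds only if $1 consists solely of base64 alphabet characters.
is_base64() {
  case $1 in *[!A-Za-z0-9+/=]*) return 1 ;; esac
}

# Quote one word for the remote shell. printf %q is a bash extension, so fall
# back to single-quote escaping when run under a plain POSIX sh.
# Caveat: for control characters bash emits $'...', which only bash-like
# remote shells understand.
quote_arg() {
  if [ -n "${BASH_VERSION:-}" ]; then
    printf '%q' "$1"
  else
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
  fi
}

# Print the command to send over SSH, or return 1 if an input is refused.
build_upload_cmd() {
  src=$1 dst=$2
  [ -r "$src" ] || return 1
  b64=$(base64 < "$src" | tr -d '\n')
  is_base64 "$b64" || return 1
  # Quoting neutralises shell metacharacters only; ".." is still a valid path
  # component, so traversal is refused separately (this example's assumption).
  case "/$dst/" in */../*) return 1 ;; esac
  printf "printf '%%s' '%s' | base64 -d > %s" "$b64" "$(quote_arg "$dst")"
}

# Offline stand-in for the SSH hop: a fresh shell parses the string the way
# the remote login shell would.
run_remote() { sh -c "$1"; }
```

The quoted destination reaches the remote shell as a single word, so a name containing quotes, `;` or `$(...)` becomes a literal filename instead of being executed.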