vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-01 21:30:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
spawn/sh/e2e/lib
History
A 24e393817f
fix: harden env var parsing and pkill patterns in provision.sh (#2342) 
- Block dangerous system env vars (PATH, LD_PRELOAD, etc.) before export
- Add explicit alphanumeric validation on env var names
- Validate app_name is non-empty and safe before pkill -f
- Tighten pkill regex from "sprite.*exec.*" to "sprite exec.*"

Fixes #2330 #2332

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-08 10:43:28 -04:00
..
clouds fix: prevent command injection in _sprite_exec via stdin piping (#2329) 2026-03-08 06:44:19 -04:00
common.sh fix(e2e): add junie agent to E2E test harness (#2314) 2026-03-08 00:03:32 -05:00
provision.sh fix: harden env var parsing and pkill patterns in provision.sh (#2342) 2026-03-08 10:43:28 -04:00
teardown.sh feat(e2e): multi-cloud test suite with cloud driver pattern (#2004) 2026-02-27 19:28:08 -08:00
verify.sh fix(e2e): add junie agent to E2E test harness (#2314) 2026-03-08 00:03:32 -05:00