mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-04-28 03:49:31 +00:00
25690185a5
Some checks failed
CLI Release / Build and release CLI (push) Waiting to run
Lint / ShellCheck (push) Waiting to run
Lint / Biome Lint (push) Waiting to run
Lint / macOS Compatibility (push) Waiting to run
Build Docker Images / build (claude) (push) Has been cancelled
Build Docker Images / build (codex) (push) Has been cancelled
Build Docker Images / build (cursor) (push) Has been cancelled
Build Docker Images / build (hermes) (push) Has been cancelled
Build Docker Images / build (junie) (push) Has been cancelled
Build Docker Images / build (kilocode) (push) Has been cancelled
Build Docker Images / build (openclaw) (push) Has been cancelled
Build Docker Images / build (opencode) (push) Has been cancelled
* fix(ci): remove stale paths from biome check step in lint.yml biome.json restricts linting to packages/**/*.ts via its includes filter, so passing .claude/scripts/ and .claude/skills/setup-spa/ to the biome check command was a no-op — biome reported 0 files processed for those paths and silently skipped them. Remove the stale paths so the CI step accurately reflects what biome actually checks. * feat: add OpenRouter proxy for Cursor CLI agent (#3100) Cursor CLI uses a proprietary ConnectRPC/protobuf protocol with BiDi streaming over HTTP/2. It validates API keys against Cursor's own servers and hardcodes api2.cursor.sh for agent streaming — making direct OpenRouter integration impossible. This adds a local translation proxy that intercepts Cursor's protocol and routes LLM traffic through OpenRouter: Architecture: Cursor CLI → Caddy (HTTPS/H2, port 443) → split routing: /agent.v1.AgentService/* → H2C Node.js (BiDi streaming → OpenRouter) everything else → HTTP/1.1 Node.js (fake auth, models, config) Key components: - cursor-proxy.ts: proxy scripts + deployment functions - Caddy reverse proxy for TLS + HTTP/2 termination - /etc/hosts spoofing to intercept api2.cursor.sh - Hand-rolled protobuf codec for AgentServerMessage format - SSE stream translation (OpenRouter → ConnectRPC protobuf frames) Proto schemas reverse-engineered from Cursor CLI binary v2026.03.25: - AgentServerMessage.InteractionUpdate.TextDeltaUpdate.text - agent.v1.ModelDetails (model_id, display_model_id, display_name) - TurnEndedUpdate (input_tokens, output_tokens) Tested end-to-end on Sprite VM: Cursor CLI printed proxy response with EXIT=0. Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(digitalocean): use canonical DIGITALOCEAN_ACCESS_TOKEN env var (#3099) Replaces all references to DO_API_TOKEN with DIGITALOCEAN_ACCESS_TOKEN, matching DigitalOcean's official CLI and API documentation. This includes TypeScript source, tests, shell scripts, Packer config, CI workflows, and documentation. Supersedes #3068 (rebased onto current main). Agent: pr-maintainer Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> * fix: remove --trust flag from Cursor CLI launch command (#3101) Cursor CLI v2026.03.25 only allows --trust in headless/print mode. Launching interactively with --trust causes immediate exit with error. Co-authored-by: spawn-bot <spawn-bot@openrouter.ai> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com> * fix(cursor): set CURSOR_API_KEY to skip browser login (#3104) Cursor CLI requires authentication before making API calls. Without CURSOR_API_KEY set, it falls back to browser-based OAuth which fails because the proxy spoofs api2.cursor.sh to localhost, breaking the OAuth callback. Setting a dummy CURSOR_API_KEY makes Cursor use the /auth/exchange_user_api_key endpoint instead, which the proxy already handles with a fake JWT. Co-authored-by: spawn-bot <spawn-bot@openrouter.ai> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: sync README with source of truth (#3097) - update tagline: 8 agents/48 combos -> 9 agents/54 combos - add Cursor CLI row to matrix table manifest.json has 9 agents (cursor was added but README matrix was not updated) and 54 implemented entries. Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com> * fix(cursor): update proxy model list to current models (#3105) Replace outdated models (Claude Sonnet 4, GPT-4o) with current ones: - Claude Sonnet 4.6 (default), Claude Haiku 4.5 - GPT-4.1 - Gemini 2.5 Pro, Gemini 2.5 Flash Co-authored-by: spawn-bot <spawn-bot@openrouter.ai> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * feat(status): add agent alive probe via SSH (#3109) `spawn status` now probes running servers by SSHing in and running `{agent} --version` to verify the agent binary is installed and executable. Results show in a new "Probe" column (live/down/—) and as `agent_alive` in JSON output. Only "running" servers are probed; gone/stopped/unknown servers are skipped. The probe function is injectable via opts for testability. Co-authored-by: spawn-bot <spawn-bot@openrouter.ai> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: add cursor to agent lists in spawn skill files (#3108) cursor is a fully implemented agent across all 6 clouds but was missing from the available agents list in spawn skill instructions injected onto child VMs. This caused claude, codex, hermes, junie, kilocode, openclaw, opencode, and zeroclaw to be unaware they could delegate work to cursor. Signed-off-by: Ahmed Abushagur <ahmed@abushagur.com> Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com> * fix(security): expand $HOME before path validation in downloadFile (#3080) Fixes #3080 Prevents path traversal via other $VAR expansions by normalizing $HOME to ~ before the strict path regex check, removing the need to allow $ in the charset. Applied to all 5 cloud providers: - digitalocean: downloadFile - aws: downloadFile - sprite: downloadFileSprite - gcp: uploadFile + downloadFile - hetzner: downloadFile Also bumps CLI version to 0.27.7. Agent: security-auditor Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(manifest): correct cursor repo to cursor/cursor and update star counts (#3092) The cursor agent's repo was set to anysphere/cursor (private, returns 404), which caused the stars-update script to store the raw 404 error object as github_stars instead of a number — breaking the manifest-type-contracts test. Fix: update repo to the public cursor/cursor repo (32,526 stars as of 2026-03-29). Also applies the daily star count updates for all other agents. -- qa/e2e-tester Co-authored-by: spawn-qa-bot <qa@openrouter.ai> * fix(spawn-fix): load API keys via config file, not just process.env (#3095) Previously buildFixScript() resolved env templates directly from process.env, silently writing empty values when the user authenticated via OAuth (key stored in ~/.config/spawn/openrouter.json). Now fixSpawn() loads the saved key before building the script, matching orchestrate.ts. Fixes #3094 Agent: code-health Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * docs: sync README commands table with help.ts (--prompt, --prompt-file) (#3106) Co-authored-by: spawn-qa-bot <qa@openrouter.ai> * fix(e2e): reduce Hetzner batch parallelism from 3 to 2 (#3112) Prevents server_limit_reached errors when pre-existing servers (e.g. spawn-szil) consume quota during E2E batch 1. Fixes #3111 Agent: test-engineer Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> * refactor(e2e): normalize unused-arg comments in headless_env functions (#3113) GCP, Sprite, and DigitalOcean had commented-out code `# local agent="$2"` in their `_headless_env` functions. Hetzner already used the cleaner style `# $2 = agent (unused but part of the interface)`. Normalize to match. Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * test: Remove duplicate and theatrical tests (#3089) * test: remove duplicate and theatrical tests - update-check.test.ts: fix 3 tests using stale hardcoded version '0.2.3' (older than current 0.29.1) to use `pkg.version` so 'should not update when up to date' actually tests the current-version path correctly - run-path-credential-display.test.ts: strengthen weak `toBeDefined()` assertion on digitalocean hint to `toContain('Simple cloud hosting')`, making it verify the actual fallback hint content Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * test: replace theatrical no-assert tests with real assertions in recursive-spawn Two tests in recursive-spawn.test.ts captured console.log output into a logs array but never asserted against it. Both ended with a comment like "should not throw" — meaning they only proved the function didn't crash, not that it produced the right output. - "shows empty message when no history": now spies on p.log.info and asserts cmdTree() emits "No spawn history found." - "shows flat message when no parent-child relationships": now asserts cmdTree() emits "no parent-child relationships" via p.log.info. expect() call count: 4831 to 4834 (+3 real assertions added). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * test: consolidate redundant describe block in cmd-fix-cov.test.ts The file had two separate describe blocks with identical beforeEach/afterEach boilerplate. The second block ("fixSpawn connection edge cases") contained only one test ("shows success when fix script succeeds") and could be merged directly into the first block ("fixSpawn (additional coverage)") without any loss of coverage or setup fidelity. Removes 23 lines of duplicated boilerplate. Test count unchanged (6 tests). --------- Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(config): extend biome.json includes to cover .claude/**/*.ts Add .claude/**/*.ts to biome.json includes so TypeScript files in .claude/scripts/ and .claude/skills/ are covered by biome formatting. Linting is disabled for .claude/** via override because the GritQL plugins (no-try-catch, no-typeof-string-number) target the main CLI codebase and cannot be scoped per-path — .claude/ hook scripts legitimately use try/catch as they run standalone outside the package. Agent: pr-maintainer Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(prompts): stop infinite shutdown loop after TeamDelete in non-interactive mode (#3116) After TeamDelete completes in -p (non-interactive) mode, Claude Code's harness was re-injecting shutdown prompts every turn. The root cause: the Monitor Loop instructed the agent to call TaskList + Bash on EVERY iteration, including after TeamDelete, which kept the session alive so the harness could inject more shutdown prompts. Fix: add an explicit EXCEPTION to both refactor-team-prompt.md and refactor-issue-prompt.md instructing the team lead that after TeamDelete is called, the very next response MUST be plain text only with no tool calls. A text-only response is the termination signal for the non-interactive harness. Fixes #3103 Agent: issue-fixer Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(zeroclaw): remove broken zeroclaw agent (repo 404) (#3107) * fix(zeroclaw): remove broken zeroclaw agent (repo 404) The zeroclaw-labs/zeroclaw GitHub repository returns 404 — all installs fail. Remove zeroclaw entirely from the matrix: agent definition, setup code, shell scripts, e2e tests, packer config, skill files, and documentation. Fixes #3102 Agent: code-health Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(zeroclaw): remove stale zeroclaw reference from discovery.md ARM agents list Addresses security review on PR #3107 — the last remaining zeroclaw reference in .claude/rules/discovery.md is now removed. Agent: issue-fixer Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(zeroclaw): remove remaining stale zeroclaw references from CI/packer Remove zeroclaw from: - .github/workflows/agent-tarballs.yml ARM build matrix - .github/workflows/docker.yml agent matrix - packer/digitalocean.pkr.hcl comment - sh/e2e/e2e.sh comment Addresses all 5 stale references flagged in security review of PR #3107. Agent: issue-fixer Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> --------- Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(cli): allow --headless and --dry-run to be used together (#3117) Removes the mutual-exclusion validation that blocked combining these flags. Both flags serve independent purposes: --dry-run previews what would happen, --headless suppresses interactive prompts and emits structured output. Combining them is valid for CI pipelines that want structured JSON previews. Fixes #3114 Agent: issue-fixer Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com> * fix(cli): allow --headless and --dry-run to be used together (#3118) * test: remove redundant theatrical assertions (#3120) Remove bare toHaveBeenCalled() checks that preceded stronger content assertions, and strengthen the "shows manual install command" test to verify the actual install script URL appears in output. Affected files: - cmd-update-cov: remove redundant consoleSpy.toHaveBeenCalled() (x2), strengthen "shows manual install command" to check install.sh content - update-check: remove redundant consoleErrorSpy.toHaveBeenCalled() (x2) that were immediately followed by .mock.calls content assertions - recursive-spawn: remove redundant logInfoSpy.toHaveBeenCalled() before content check - cmd-interactive: remove redundant mockIntro/mockOutro.toHaveBeenCalled() before content checks Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * docs: sync README tagline with manifest (9 agents/54 → 8 agents/48 combinations) (#3119) Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: L <6723574+louisgv@users.noreply.github.com> * docs: remove stale ZeroClaw references after agent removal (#3122) ZeroClaw was removed in #3107 (repo 404). Two doc references were left behind: - .claude/rules/agent-default-models.md: table row for ZeroClaw model config - README.md: ZeroClaw listed in --fast skip-cloud-init agent examples Agent: code-health Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> * fix(e2e): redirect DO max_parallel log_warn to stderr (#3110) _digitalocean_max_parallel() called log_warn which writes colored output to stdout, polluting the captured return value when invoked via cloud_max=$(cloud_max_parallel). The downstream integer comparison [ "${effective_parallel}" -gt "${cloud_max}" ] then fails with 'integer expression expected', silently leaving the droplet limit cap unapplied. Fix: redirect log_warn output to stderr so only the numeric value is captured. Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: L <6723574+louisgv@users.noreply.github.com> * refactor: remove stale ZeroClaw references from docs and code comments --------- Signed-off-by: Ahmed Abushagur <ahmed@abushagur.com> Co-authored-by: spawn-qa-bot <qa@openrouter.ai> Co-authored-by: Ahmed Abushagur <ahmed@abushagur.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: spawn-bot <spawn-bot@openrouter.ai>
232 lines
7.1 KiB
TypeScript
232 lines
7.1 KiB
TypeScript
// shared/agents.ts — AgentConfig interface + shared helpers (cloud-agnostic)
|
|
|
|
import { logError, shellQuote } from "./ui.js";
|
|
|
|
// ─── Types ───────────────────────────────────────────────────────────────────
|
|
|
|
/** Cloud-init dependency tier: what packages to pre-install on the VM. */
|
|
export type CloudInitTier = "minimal" | "node" | "bun" | "full";
|
|
|
|
/** An optional post-provision setup step the user can toggle on/off. */
|
|
export interface OptionalStep {
|
|
value: string;
|
|
label: string;
|
|
hint?: string;
|
|
/** Env var that supplies data for this step (e.g. TELEGRAM_BOT_TOKEN). */
|
|
dataEnvVar?: string;
|
|
/** When true, step requires interactive input (e.g. QR scan) — skipped in headless. */
|
|
interactive?: boolean;
|
|
/** When true, step is pre-selected in the multiselect (user can uncheck). */
|
|
defaultOn?: boolean;
|
|
}
|
|
|
|
export interface AgentConfig {
|
|
name: string;
|
|
/** Default model ID passed to configure() (no interactive prompt — override via MODEL_ID env var). */
|
|
modelDefault?: string;
|
|
/** Env var name for setting the model on the remote (e.g. KILOCODE_MODEL, LLM_MODEL). */
|
|
modelEnvVar?: string;
|
|
/** Pre-provision hook (runs before server creation, e.g., prompt for GitHub auth). */
|
|
preProvision?: () => Promise<void>;
|
|
/** Install the agent on the remote machine. */
|
|
install: () => Promise<void>;
|
|
/** Return env var pairs for .spawnrc. */
|
|
envVars: (apiKey: string) => string[];
|
|
/** Agent-specific configuration (settings files, etc.). */
|
|
configure?: (apiKey: string, modelId?: string, enabledSteps?: Set<string>) => Promise<void>;
|
|
/** Pre-launch hook (e.g., start gateway daemon). */
|
|
preLaunch?: () => Promise<void>;
|
|
/** Optional tip or warning shown to the user just before the agent launches. */
|
|
preLaunchMsg?: string;
|
|
/** Shell command to launch the agent interactively. */
|
|
launchCmd: () => string;
|
|
/** Cloud-init dependency tier. Defaults to "full" if unset. */
|
|
cloudInitTier?: CloudInitTier;
|
|
/** Skip tarball install attempt (e.g., already using snapshot). */
|
|
skipTarball?: boolean;
|
|
/** SSH tunnel config for web dashboards. */
|
|
tunnel?: TunnelConfig;
|
|
/** Shell command to update the agent to its latest version (used by auto-update timer). */
|
|
updateCmd?: string;
|
|
}
|
|
|
|
/** Configuration for SSH-tunneling a remote port to localhost. */
|
|
export interface TunnelConfig {
|
|
remotePort: number;
|
|
browserUrl?: (localPort: number) => string | undefined;
|
|
}
|
|
|
|
// ─── Agent Optional Steps (static metadata — no CloudRunner needed) ─────────
|
|
|
|
/** Extra setup steps for specific agents (merged with COMMON_STEPS). */
|
|
const AGENT_EXTRA_STEPS: Record<string, OptionalStep[]> = {
|
|
hermes: [
|
|
{
|
|
value: "yolo-mode",
|
|
label: "YOLO mode",
|
|
hint: "let Hermes install tools without approval prompts",
|
|
defaultOn: true,
|
|
},
|
|
],
|
|
openclaw: [
|
|
{
|
|
value: "browser",
|
|
label: "Chrome browser",
|
|
hint: "~400 MB — enables web tools",
|
|
},
|
|
{
|
|
value: "telegram",
|
|
label: "Telegram",
|
|
hint: "connect via bot token from @BotFather",
|
|
dataEnvVar: "TELEGRAM_BOT_TOKEN",
|
|
},
|
|
{
|
|
value: "whatsapp",
|
|
label: "WhatsApp",
|
|
hint: "link via QR code after launch",
|
|
},
|
|
{
|
|
value: "discord",
|
|
label: "Discord",
|
|
hint: "connect via bot token",
|
|
},
|
|
{
|
|
value: "slack",
|
|
label: "Slack",
|
|
hint: "connect via bot + app tokens",
|
|
},
|
|
{
|
|
value: "signal",
|
|
label: "Signal",
|
|
hint: "link via signal-cli",
|
|
},
|
|
{
|
|
value: "googlechat",
|
|
label: "Google Chat",
|
|
hint: "connect via webhook",
|
|
},
|
|
{
|
|
value: "bluebubbles",
|
|
label: "BlueBubbles",
|
|
hint: "iMessage bridge via BlueBubbles server",
|
|
},
|
|
],
|
|
};
|
|
|
|
/** The "spawn" step — only shown when --beta recursive is active. */
|
|
const SPAWN_STEP: OptionalStep = {
|
|
value: "spawn",
|
|
label: "Spawn CLI",
|
|
hint: "install spawn for recursive VM creation",
|
|
defaultOn: true,
|
|
};
|
|
|
|
/** Steps shown for every agent. */
|
|
const COMMON_STEPS: OptionalStep[] = [
|
|
{
|
|
value: "github",
|
|
label: "GitHub CLI",
|
|
hint: "install gh + authenticate on the remote server",
|
|
},
|
|
{
|
|
value: "reuse-api-key",
|
|
label: "Reuse saved OpenRouter key",
|
|
hint: "off = create a fresh key via OAuth",
|
|
},
|
|
{
|
|
value: "custom-model",
|
|
label: "Custom model",
|
|
hint: "enter an OpenRouter model ID manually",
|
|
},
|
|
{
|
|
value: "auto-update",
|
|
label: "Auto-update",
|
|
hint: "keep agent + system packages up to date (every 6h)",
|
|
defaultOn: true,
|
|
},
|
|
];
|
|
|
|
/** Get the optional setup steps for a given agent (no CloudRunner required). */
|
|
export function getAgentOptionalSteps(agentName: string): OptionalStep[] {
|
|
const betaFeatures = (process.env.SPAWN_BETA ?? "").split(",").filter(Boolean);
|
|
const hasRecursive = betaFeatures.includes("recursive");
|
|
|
|
const steps = hasRecursive
|
|
? [
|
|
...COMMON_STEPS,
|
|
SPAWN_STEP,
|
|
]
|
|
: [
|
|
...COMMON_STEPS,
|
|
];
|
|
|
|
const extra = AGENT_EXTRA_STEPS[agentName];
|
|
if (extra) {
|
|
steps.push(...extra);
|
|
}
|
|
return steps;
|
|
}
|
|
|
|
/** Validate step names against the known steps for an agent.
|
|
* Returns valid and invalid step names separately. */
|
|
export function validateStepNames(
|
|
agentName: string,
|
|
steps: string[],
|
|
): {
|
|
valid: string[];
|
|
invalid: string[];
|
|
} {
|
|
const known = new Set(getAgentOptionalSteps(agentName).map((s) => s.value));
|
|
const valid: string[] = [];
|
|
const invalid: string[] = [];
|
|
for (const step of steps) {
|
|
if (known.has(step)) {
|
|
valid.push(step);
|
|
} else {
|
|
invalid.push(step);
|
|
}
|
|
}
|
|
return {
|
|
valid,
|
|
invalid,
|
|
};
|
|
}
|
|
|
|
// ─── Shared Helpers ──────────────────────────────────────────────────────────
|
|
|
|
/**
|
|
* Generate env config content (shell export lines) for .spawnrc.
|
|
* Values are single-quoted to prevent injection.
|
|
*/
|
|
export function generateEnvConfig(pairs: string[]): string {
|
|
const lines = [
|
|
"",
|
|
"# [spawn:env]",
|
|
"export IS_SANDBOX='1'",
|
|
"# UTF-8 locale — required for agent TUIs that use Unicode (e.g. Claude Code)",
|
|
"export LANG='C.UTF-8'",
|
|
"export LC_ALL='C.UTF-8'",
|
|
"# Ensure agent binaries are in PATH on reconnect",
|
|
'export PATH="$HOME/.npm-global/bin:$HOME/.bun/bin:$HOME/.local/bin:$HOME/.cargo/bin:$HOME/.claude/local/bin:/usr/local/bin:$PATH"',
|
|
];
|
|
for (const pair of pairs) {
|
|
const eqIdx = pair.indexOf("=");
|
|
if (eqIdx === -1) {
|
|
continue;
|
|
}
|
|
const key = pair.slice(0, eqIdx);
|
|
const value = pair.slice(eqIdx + 1);
|
|
// Validate env var name
|
|
if (!/^[A-Z_][A-Z0-9_]*$/.test(key)) {
|
|
logError(`SECURITY: Invalid environment variable name rejected: ${key}`);
|
|
continue;
|
|
}
|
|
// Reject null bytes in value (defense-in-depth)
|
|
if (/\0/.test(value)) {
|
|
logError(`SECURITY: Null byte in environment variable value rejected: ${key}`);
|
|
continue;
|
|
}
|
|
lines.push(`export ${key}=${shellQuote(value)}`);
|
|
}
|
|
return lines.join("\n") + "\n";
|
|
}
|