vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-01 21:30:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
spawn/sh/e2e/lib
History
A 54c7764d03
fix(security): prevent cmd injection in sprite exec via positional args (#2021) 
Replace bash -c "${cmd}" with bash -c '$1' _ "${cmd}" so the
command is passed as a positional argument, not interpolated into
the shell string. Same pattern applied to the timeout wrapper.

Fixes #2018

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 09:42:13 -05:00
..
clouds fix(security): prevent cmd injection in sprite exec via positional args (#2021) 2026-02-28 09:42:13 -05:00
cleanup.sh fix(e2e): increase server sizes and install timeouts (#2014) 2026-02-28 00:25:36 -08:00
common.sh fix(e2e): increase server sizes and install timeouts (#2014) 2026-02-28 00:25:36 -08:00
provision.sh feat: SPAWN_CLI_DIR env var to force local source in e2e (#2015) 2026-02-28 04:14:36 -05:00
teardown.sh feat(e2e): multi-cloud test suite with cloud driver pattern (#2004) 2026-02-27 19:28:08 -08:00
verify.sh feat(e2e): multi-cloud test suite with cloud driver pattern (#2004) 2026-02-27 19:28:08 -08:00