spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-21 02:21:15 +00:00

History

A 862030b776 fix(security): escape cmd args in _exec_long to prevent shell injection (#2064 ) Base64-encode the command before embedding it in bash -c to prevent single-quote breakout in _sprite_exec_long and _digitalocean_exec_long. Fixes #2063 Agent: security-auditor Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-03-01 12:42:27 -05:00
..
aws	fix(e2e): add sh/aws/hermes.sh and mark aws/hermes as implemented (#2042 )	2026-02-28 20:38:26 -05:00
cli	fix: export PATH after bun install to fix current-shell availability (#1877 )	2026-02-24 04:51:00 -05:00
daytona	feat: SPAWN_CLI_DIR env var to force local source in e2e (#2015 )	2026-02-28 04:14:36 -05:00
digitalocean	feat: SPAWN_CLI_DIR env var to force local source in e2e (#2015 )	2026-02-28 04:14:36 -05:00
docker	feat!: remove Fly.io cloud provider support (#1979 )	2026-02-27 00:06:32 -05:00
e2e	fix(security): escape cmd args in _exec_long to prevent shell injection (#2064 )	2026-03-01 12:42:27 -05:00
gcp	feat: SPAWN_CLI_DIR env var to force local source in e2e (#2015 )	2026-02-28 04:14:36 -05:00
hetzner	feat: SPAWN_CLI_DIR env var to force local source in e2e (#2015 )	2026-02-28 04:14:36 -05:00
local	feat: Bun workspace monorepo — packages/cli + packages/shared (#1853 )	2026-02-23 22:07:05 -08:00
shared	refactor: Remove dead code and stale references (#2059 )	2026-03-01 08:26:10 -05:00
sprite	feat(agent): add Hermes Agent (Nous Research) (#2023 )	2026-02-28 06:53:13 -08:00
test	refactor: Remove dead code and stale references (#2062 )	2026-03-01 11:45:24 -05:00