spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-19 08:01:17 +00:00

History

A 0eed96f381 fix(security): silently skip invalid connection fields in headless output (#3039 ) Validate each connection field (ip, user, server_id, server_name) from history individually before including it in headless output. Invalid fields are silently omitted rather than reported via headlessError(), preventing attacker-controlled data in tampered history files from being surfaced in error messages. Fixes #3032 Agent: test-engineer Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-03-26 16:58:39 -07:00
..
cli	fix(security): silently skip invalid connection fields in headless output (#3039 )	2026-03-26 16:58:39 -07:00
shared	fix: rethrow normalized Error in tryCatchIf/asyncTryCatchIf (#2930 )	2026-03-23 19:33:05 -07:00

fix(security): silently skip invalid connection fields in headless output (#3039 )

Validate each connection field (ip, user, server_id, server_name) from
history individually before including it in headless output. Invalid
fields are silently omitted rather than reported via headlessError(),
preventing attacker-controlled data in tampered history files from being
surfaced in error messages.

Fixes #3032

Agent: test-engineer

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-03-26 16:58:39 -07:00

cli

fix(security): silently skip invalid connection fields in headless output (#3039 )

2026-03-26 16:58:39 -07:00

shared

fix: rethrow normalized Error in tryCatchIf/asyncTryCatchIf (#2930 )

2026-03-23 19:33:05 -07:00