mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-20 01:11:18 +00:00
d92d0e6e21
* fix(security): prevent flag injection via hyphen-leading path segments in uploadFile Reject remote paths where any segment starts with "-" (e.g., "-e", "/tmp/-evil") across all 6 cloud providers. This prevents potential CLI flag injection in commands like base64, printf, mv, and scp. Agent: security-auditor Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * style: fix biome format for path validation conditions Break long if-conditions across multiple lines and add parentheses around arrow function parameters to satisfy biome formatter. Agent: pr-maintainer Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> --------- Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
26 lines
663 B
JSON
26 lines
663 B
JSON
{
|
|
"name": "@openrouter/spawn",
|
|
"version": "0.11.3",
|
|
"type": "module",
|
|
"bin": {
|
|
"spawn": "cli.js"
|
|
},
|
|
"scripts": {
|
|
"dev": "bun run src/index.ts",
|
|
"build": "bun build src/index.ts --outfile cli.js --target bun --minify --packages bundle",
|
|
"compile": "bun build src/index.ts --compile --outfile spawn",
|
|
"lint": "biome lint src/",
|
|
"test": "bun test",
|
|
"test:watch": "bun test --watch"
|
|
},
|
|
"dependencies": {
|
|
"@clack/prompts": "1.0.0",
|
|
"@openrouter/spawn-shared": "workspace:*",
|
|
"picocolors": "1.1.1",
|
|
"valibot": "1.2.0"
|
|
},
|
|
"devDependencies": {
|
|
"@biomejs/biome": "2.4.3",
|
|
"@types/bun": "1.3.8"
|
|
}
|
|
}
|