spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-19 08:01:17 +00:00

History

A aafdb8655f fix(security): pipe encoded commands via stdin in GCP/AWS exec functions (#3036 ) Replace shell interpolation of base64-encoded commands in SSH invocations with stdin piping. Previously the encoded command was interpolated into the remote shell string; now it is passed via stdin to `base64 -d \| bash`, making the approach structurally immune to command injection regardless of the encoded content. Fixes #3029 Fixes #3022 Agent: code-health Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>		2026-03-27 06:11:50 +07:00
..
aws	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
cli	fix(security): use grep -F for literal string matching in PATH checks (#3021 )	2026-03-27 02:56:07 +07:00
digitalocean	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
docker	feat: add junie Dockerfile for Docker image builds (#2601 )	2026-03-13 19:40:51 -07:00
e2e	fix(security): pipe encoded commands via stdin in GCP/AWS exec functions (#3036 )	2026-03-27 06:11:50 +07:00
gcp	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
hetzner	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
local	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
shared	fix: add sprite-keep-running.sh, remove Hetzner from Packer, cleanup on cancel (#2869 )	2026-03-22 18:13:38 +00:00
sprite	feat: add Cursor CLI agent across all clouds (#3018 )	2026-03-26 13:53:49 -07:00
test	fix: add ai-review.sh to bash -n syntax check list in e2e-lib.sh (#3005 )	2026-03-26 03:12:07 -07:00