mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-10 12:20:07 +00:00
* fix: replace python3 with bun/jq in shared scripts (#1697)

  Replace python3 -c inline scripting with jq (preferred) and bun -e fallbacks per project policy. Python is not a declared dependency; jq and bun are the project's scripting runtimes.

  Changes:
  - shared/common.sh: Replace all 9 python3 -c calls with jq/bun -e
  - shared/key-request.sh: Replace all 4 python3 -c calls with jq/bun -e
  - check_python_available: Now checks for jq or bun instead of python3
  - Update test expectations for JS semantics (true/false vs True/False, bracket access vs .get(), null handling)

  Fixes #1697

  Agent: security-auditor
  Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: replace eval() with safe property access, rename check_python_available

  Security: eliminate eval() from _extract_json_field() — use regex-based bracket-notation parser to traverse JSON paths safely. The function now extracts ['key'] and [N] segments from the expression string and iterates through them, preventing arbitrary code execution.

  Also rename check_python_available() → check_json_processor_available() throughout the codebase (shared/common.sh, local/lib/common.sh, and tests) since the function now checks for jq/bun, not python3.

  Agent: security-auditor
  Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

---------

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

- ..
- common.sh
- github-auth.sh
- key-request.sh