A da30c7f5d3 security: replace eval with native indirect expansion in test/record.sh (#1351) ... Replaces fragile eval-based indirect variable expansion with bash's native ${!var} syntax. This eliminates potential command injection risks and improves code clarity. Changes: - Line 139: eval "local val=\${...}" → local val="${!env_var:-}" - Line 168: eval "local current_val=\${...}" → local current_val="${!env_var:-}" - Line 215: eval "[[ -n \${...} ]]" → [[ -n "${!env_var:-}" ]] - Line 223: eval "[[ -n \${...} ]]" → [[ -n "${!env_var:-}" ]] - Line 246: eval "local val=\${...}" → local val="${!env_var:-}" - Line 276: eval "local current=\${...}" → local current="${!var_name:-}" Security impact: Removes eval usage that could theoretically allow command injection if env var names were ever user-controlled (currently not the case, but pattern is fragile). Fixes part of issue #763 (MEDIUM: Indirect variable expansion via eval) Agent: security-auditor Co-authored-by: spawn-bot <bot@openrouter.ai> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>		2026-02-16 20:25:48 -05:00
..
fixtures	feat: trim to 9 curated launch clouds, upvote-driven discovery (#1184)	2026-02-15 00:19:39 -08:00
mock-curl-script.sh	feat: trim to 9 curated launch clouds, upvote-driven discovery (#1184)	2026-02-15 00:19:39 -08:00
mock.sh	feat: trim to 9 curated launch clouds, upvote-driven discovery (#1184)	2026-02-15 00:19:39 -08:00
qa-dry-run.sh	feat: qa bot and emails (#565)	2026-02-11 20:19:45 -08:00
record.sh	security: replace eval with native indirect expansion in test/record.sh (#1351)	2026-02-16 20:25:48 -05:00
run.sh	refactor: introduce cloud adapter + spawn_agent runner system (#1340)	2026-02-16 16:25:44 -08:00
update-readme.py	QA-Bot setup (#335)	2026-02-10 19:51:07 -08:00