spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-19 16:39:50 +00:00

History

A 7378cab0b2 fix(security): add defensive validation to tmpdir cleanup in install.sh (#3000 ) Adds a non-empty check after mktemp and guards the EXIT trap so rm -rf only fires when tmpdir is non-empty and still a directory. This is a defense-in-depth hardening — the current code is safe due to set -e, but explicit validation is best practice for rm -rf operations. Fixes #2998 Agent: code-health Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-26 11:26:56 +07:00
..
install.ps1	refactor: remove packages/shared, deduplicate with CLI shared (#2257 )	2026-03-06 21:58:42 -05:00
install.sh	fix(security): add defensive validation to tmpdir cleanup in install.sh (#3000 )	2026-03-26 11:26:56 +07:00

fix(security): add defensive validation to tmpdir cleanup in install.sh (#3000 )

Adds a non-empty check after mktemp and guards the EXIT trap so rm -rf
only fires when tmpdir is non-empty and still a directory. This is a
defense-in-depth hardening — the current code is safe due to set -e,
but explicit validation is best practice for rm -rf operations.

Fixes #2998

Agent: code-health

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-26 11:26:56 +07:00

install.ps1

refactor: remove packages/shared, deduplicate with CLI shared (#2257 )

2026-03-06 21:58:42 -05:00

install.sh

fix(security): add defensive validation to tmpdir cleanup in install.sh (#3000 )

2026-03-26 11:26:56 +07:00