everything-claude-code/tests at 051e257a0f94250736b2405a14f18292bb82f388 - everything-claude-code - Gitea

elias/everything-claude-code

mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-06-16 16:36:53 +08:00

History

OrbisAI Security cf59d0d283

fix: sanitize subprocess call in runner.py (#2149 )

* fix: V-001 security vulnerability

Automated security fix generated by OrbisAI Security

* fix: sanitize subprocess call in runner.py

The runner

* fix: address PR review comments on V-001 allowlist and test coverage

Remove dangerous interpreters (python, python3, node, curl, wget) from
ALLOWED_SETUP_EXECUTABLES — they can execute arbitrary code via argument
flags and are not needed for sandbox setup. Rewrite test_invariant_runner
to call _setup_sandbox directly instead of spawning runner.py as a
subprocess (which had no __main__ entrypoint and never exercised the fix).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-15 13:49:45 -04:00

..

fix: prevent IOC scanner false positives on hook filenames and scan .cursor configs (#2245 )

2026-06-15 13:48:50 -04:00

fix: accept crlf command frontmatter

2026-04-30 03:41:18 -04:00

release: 2.0.0 — the agent harness operating system

2026-06-09 21:40:40 -04:00

fix(hooks): stop pre/post Bash dispatcher from echoing the input event (#2240 )

2026-06-15 13:48:46 -04:00

fix(hooks): avoid escaped quotes in plugin bootstrap

2026-05-19 05:15:42 -04:00

fix: context-size /compact trigger, Codex marketplace plugin path, live README badges (#2237 )

2026-06-11 16:21:53 -04:00

fix(security): add host/origin allowlist + validate git refs + quote workflow input (#2185 )

2026-06-15 13:49:40 -04:00

__init__.py

Small changes

2026-04-12 12:34:45 +05:30

codex-config.test.js

fix(codex): broaden context7 config checks

2026-03-29 00:26:16 -04:00

conftest.py

docs: salvage focused stale PR contributions

2026-05-11 05:31:12 -04:00

opencode-config.test.js

fix: namespace opencode command agents

2026-04-05 14:21:57 -07:00

opencode-plugin-hooks.test.js

fix: harden opencode project file probes

2026-05-11 22:40:19 -04:00

plugin-manifest.test.js

fix: context-size /compact trigger, Codex marketplace plugin path, live README badges (#2237 )

2026-06-11 16:21:53 -04:00

run-all.js

feat: worktree-lifecycle service (deterministic conflict prediction + safe GC) (#2164 )

2026-06-07 13:00:08 +08:00

test_astraflow_provider.py

feat: add Astraflow provider support

2026-05-11 23:21:46 -04:00

test_builder.py

docs: salvage focused stale PR contributions

2026-05-11 05:31:12 -04:00

test_claude_provider.py

docs: salvage focused stale PR contributions

2026-05-11 05:31:12 -04:00

test_executor.py

Small changes

2026-04-12 12:34:45 +05:30

test_invariant_runner.py

fix: sanitize subprocess call in runner.py (#2149 )

2026-06-15 13:49:45 -04:00

test_provider_tools.py

fix: harden openai-compatible provider responses

2026-05-18 01:04:28 -04:00

test_resolver.py

feat: add Astraflow provider support

2026-05-11 23:21:46 -04:00

test_templates.py

docs: salvage focused stale PR contributions

2026-05-11 05:31:12 -04:00

test_types.py

feat: add Astraflow provider support

2026-05-11 23:21:46 -04:00