CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-05 05:05:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge PR #181: shell injection test for gstack-slug

Browse Source 
# Conflicts:
#	bin/gstack-slug
This commit is contained in:
Garry Tan
2026-03-22 09:56:17 -07:00
parent 949ccbe73c 02c76d3e8c
commit d00857cd5a
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test/skill-validation.test.ts
+9
View File
@@ -979,6 +979,15 @@ describe('gstack-slug', () => {
expect(lines[0]).toMatch(/^SLUG=.+/);
expect(lines[1]).toMatch(/^BRANCH=.+/);
});
test('output values contain only safe characters (no shell metacharacters)', () => {
const result = Bun.spawnSync([SLUG_BIN], { cwd: ROOT, stdout: 'pipe', stderr: 'pipe' });
const slug = result.stdout.toString().match(/SLUG=(.*)/)?.[1] ?? '';
const branch = result.stdout.toString().match(/BRANCH=(.*)/)?.[1] ?? '';
// Only alphanumeric, dot, dash, underscore are allowed (#133)
expect(slug).toMatch(/^[a-zA-Z0-9._-]+$/);
expect(branch).toMatch(/^[a-zA-Z0-9._-]+$/);
});
});
// --- Test Bootstrap validation ---