spark-store/.github/workflows/build.yml at 1270405907b0928e3b232f3ab6ac9d9703f925c2

mirror of https://gitee.com/spark-store-project/spark-store synced 2026-04-26 01:10:16 +08:00

Files

google-labs-jules[bot] 1270405907 🔒 fix: Command Injection in install-manager.ts and CI failures

- Set `shell: false` in `spawn` calls in `install-manager.ts` to prevent command injection.
- Updated `AGENTS.md` to use the secure `shell: false` pattern in examples.
- Removed `package-lock.json` from `.gitignore` to support reproducible builds.
- Updated GitHub Actions workflows to use `npm install` instead of `npm ci` as a robust fallback.

Co-authored-by: vmomenv <51269338+vmomenv@users.noreply.github.com>

2026-03-10 16:08:16 +00:00

3.6 KiB

Raw Blame History

View Raw

3.6 KiB Raw Blame History

3.6 KiB

Raw Blame History