zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 13:43:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(hooks): add Windows .cmd support with shell injection guard

Browse Source 
Handle Windows .cmd shim resolution via spawnSync with strict path
validation. Removes shell:true injection risk, uses strict equality,
and restores .cmd support with path injection guard.
This commit is contained in:
Jonghyeok Park
2026-03-10 22:37:57 +09:00
parent 66498ae9ac
commit 0a3afbe38f
4 changed files with 33 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/lib/resolve-formatter.js
View File

@@ -86,7 +86,7 @@ function detectFormatter(projectRoot) {
const pkgPath = path.join(projectRoot, 'package.json');
if (fs.existsSync(pkgPath)) {
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
if (pkg.prettier != null) {
if ('prettier' in pkg) {
formatterCache.set(projectRoot, 'prettier');
return 'prettier';
}