singularity-forge/packages/pi-coding-agent/src
Lex Christopherson 2c4f5de321 fix: eliminate command injection and unhandled JSON.parse in LSP tool
- config.ts: Replace execSync(`which ${command}`) with spawnSync("which", [command])
  to prevent shell injection from malicious lsp.json config files
- client.ts: Wrap JSON.parse in parseMessage with try/catch and handle null messages
  in the stream reader to prevent process crashes from malformed LSP output

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-13 11:45:04 -06:00
cli feat: vendor Pi source into workspace monorepo 2026-03-12 21:55:17 -06:00
core fix: eliminate command injection and unhandled JSON.parse in LSP tool 2026-03-13 11:45:04 -06:00
modes fix: handle non-thinking models correctly in /thinking command (#129) 2026-03-13 10:58:49 -06:00
utils fix: sanitize Windows NUL redirects to /dev/null in Git Bash (#157) 2026-03-13 09:33:28 -06:00
cli.ts feat: vendor Pi source into workspace monorepo 2026-03-12 21:55:17 -06:00
config.ts feat: TTSR + blob/artifact storage (ported from oh-my-pi) 2026-03-13 08:43:56 -06:00
index.ts fix: sanitize Windows NUL redirects to /dev/null in Git Bash (#157) 2026-03-13 09:33:28 -06:00
main.ts feat: vendor Pi source into workspace monorepo 2026-03-12 21:55:17 -06:00
migrations.ts feat: vendor Pi source into workspace monorepo 2026-03-12 21:55:17 -06:00