github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 02:42:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(exec): split host flows and harden safe-bin trust

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-19 14:21:07 +01:00
parent b45bb6801c
commit fec48a5006
10 changed files with 834 additions and 616 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/infra/exec-safe-bin-trust.ts
View File

@@ -29,6 +29,7 @@ type TrustedSafeBinCache = {
};
let trustedSafeBinCache: TrustedSafeBinCache | null = null;
const STARTUP_PATH_ENV = process.env.PATH ?? process.env.Path ?? "";
function normalizeTrustedDir(value: string): string | null {
const trimmed = value.trim();
@@ -74,7 +75,7 @@ export function getTrustedSafeBinDirs(
} = {},
): Set<string> {
const delimiter = params.delimiter ?? path.delimiter;
const pathEnv = params.pathEnv ?? process.env.PATH ?? process.env.Path ?? "";
const pathEnv = params.pathEnv ?? STARTUP_PATH_ENV;
const key = buildTrustedSafeBinCacheKey(pathEnv, delimiter);
if (!params.refresh && trustedSafeBinCache?.key === key) {