mirror of
https://github.com/khodges42/nightShift.git
synced 2026-06-14 18:18:36 +00:00
21 lines
863 B
Markdown
21 lines
863 B
Markdown
# Phase 19 Devlog: Stronger Command Execution
|
|
|
|
## Implemented
|
|
|
|
- Added command stage `shell` option, defaulting to true for backward compatibility.
|
|
- Added command stage `timeout_seconds` override.
|
|
- Added command stage `working_dir` restricted to the project root.
|
|
- Added `safety.allowed_env` for optional environment variable pass-through.
|
|
- Added argv-style execution path when `shell: false`.
|
|
- Added tests for shell-free execution and working-directory restrictions.
|
|
|
|
## Decisions Made
|
|
|
|
- Existing string command config remains valid.
|
|
- `shell: false` still uses the same exact allowlist check before splitting into argv.
|
|
- `PATH` is preserved when an environment allowlist is configured so common executables remain discoverable.
|
|
|
|
## Notes
|
|
|
|
- Future hardening can move toward structured command definitions, but this phase avoids breaking current configs.
|