marketing-shibata50/cmux
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Sanitize command before execution, not just display (#2122)

Browse source 
The confirm dialog showed a sanitized command (BiDi/zero-width stripped)
but executed the raw string, creating a display/consent mismatch.
Now the command is sanitized once and the same string is used for both
display and execution.

Co-authored-by: Lawrence Chen <lawrencecchen@users.noreply.github.com>
This commit is contained in:
Lawrence Chen 2026-03-25 00:28:30 -07:00 committed by GitHub
parent 5b82041160
commit 57237d9faa
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Sources/CmuxConfigExecutor.swift
View file

@ -13,7 +13,8 @@ struct CmuxConfigExecutor {
) {
if let workspace = command.workspace {
executeWorkspaceCommand(command: command, workspace: workspace, tabManager: tabManager, baseCwd: baseCwd)
} else if let shellCommand = command.command {
} else if let rawCommand = command.command {
let shellCommand = sanitizeForDisplay(rawCommand)
let needsConfirm = command.confirm ?? false
if needsConfirm, let sourcePath = configSourcePath {
let trusted = CmuxDirectoryTrust.shared.isTrusted(