run_command() forwarded shell= straight to subprocess.run, so a caller passing shell=True would invoke a shell. Reject shell=True with ValueError (keeping the parameter for signature compatibility) and drop shell= from both subprocess.run calls. Enable ruff S602/S604/S605 to flag any future shell=True reintroduction, annotate the one intentional workflow shell sink with # noqa: S602, and document the shell-step execution risk in workflows/PUBLISHING.md.
"""Tests for specify_cli._utils.run_command."""
from __future__ import annotations
import inspect
import pytest
from specify_cli import run_command
def test_run_command_rejects_shell_execution_compatibly():
    """Pin the shell-execution guard on ``run_command``.

    Two properties are checked:

    * the ``shell`` keyword is still part of the signature and defaults to
      ``False``, so existing callers that name it keep working;
    * explicitly passing ``shell=True`` is refused with ``ValueError``.
    """
    # The parameter must remain present, with the safe default.
    shell_param = inspect.signature(run_command).parameters["shell"]
    assert shell_param.default is False

    # Requesting a shell has to fail loudly; the ruff S604 suppression is
    # needed because passing shell=True is the whole point of this call.
    # NOTE(review): this pins only the exception. It does not show that no
    # process was started before the ValueError; run_command's body is not
    # visible here, so consider stubbing the subprocess call to confirm that.
    expected_error = pytest.raises(ValueError, match="does not support shell=True")
    with expected_error:
        run_command(["echo", "blocked"], shell=True)  # noqa: S604