Skip to content

fix: remove shell setting for wizer call#303

Merged
vados-cosmonic merged 1 commit intobytecodealliance:mainfrom
vados-cosmonic:fix=remove-shell-true
Oct 8, 2025
Merged

fix: remove shell setting for wizer call#303
vados-cosmonic merged 1 commit intobytecodealliance:mainfrom
vados-cosmonic:fix=remove-shell-true

Conversation

@vados-cosmonic
Copy link
Contributor

@vados-cosmonic vados-cosmonic commented Oct 8, 2025

This commit removes the shell: true configuration for the Wizer call, as it triggers a warning with more recent NodeJS versions, due to attempting to pass options to an spawned command when shell: true...

For reference the deprecation warning looks like this:

(node:2921631) [DEP0190] DeprecationWarning: Passing args to a child process with shell option true can lead to security vulnerabilities, as the arguments are not escaped, only concatenated.
(Use `node --trace-deprecation ...` to show where the warning was created)

We don't actually use user submitted args directly so we weren't really at risk of this, but better to have this not show up.

@vados-cosmonic
fix: remove shell setting for wizer call
fabfdcf 
This commit removes the `shell: true` configuration for the Wizer
call, as it triggers a warning with more recent NodeJS versions, due
to attempting to pass options to an spawned command when `shell: true`.
@vados-cosmonic vados-cosmonic merged commit df715bc into bytecodealliance:main Oct 8, 2025
12 checks passed
@vados-cosmonic vados-cosmonic deleted the fix=remove-shell-true branch October 8, 2025 18:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tschneidereit tschneidereit tschneidereit approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vados-cosmonic @tschneidereit