Josh Knapp 265b365f0b Fix security: enable CSP and eliminate shell injection in entrypoint ...

- Enable restrictive Content Security Policy in tauri.conf.json instead
  of null (disabled), restricting scripts/connects to self + Tauri IPC
- Fix shell injection in entrypoint.sh by replacing su -c with direct
  git config --file writes, preventing names with quotes (e.g. O'Brien)
  from breaking startup or enabling code execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-28 20:43:04 +00:00

5.9 KiB

Raw Blame History

View Raw