hermes-agent/tui_gateway
EloquentBrush c8e5f999c2 fix(cli,tui-gateway): sanitize env and redact output in exec quick commands
HermesCLI.process_command() and tui_gateway command.dispatch both handle
type: exec quick commands via subprocess.run(shell=True) with no env=
parameter, so the child inherits the full process environment — all API
keys and bot tokens stored in os.environ are visible to the script.
Any output is returned raw to the terminal or web-UI client without
redaction.

Fix: mirror the approach applied to gateway/run.py in #23584.
Apply _sanitize_subprocess_env() before spawning the subprocess and
redact_sensitive_text() on the collected output before display.
Symmetric across all three exec quick-command paths.

Parity with gateway/run.py fix in #23584.
2026-07-01 00:41:02 -07:00
..
__init__.py
entry.py fix(mcp): late-refresh must see desktop/dashboard discovery thread owner (#55514) 2026-06-30 02:08:37 -07:00
event_publisher.py
git_probe.py fix(windows): hide console-window flash on backend git/gh/wmic/bash subprocess spawns 2026-06-28 05:28:45 -07:00
loop_noise.py fix(tui_gateway): suppress WS peer-hangup teardown error flood (#50005) (#54126) 2026-06-28 02:35:01 -07:00
project_tree.py feat(gateway): build authoritative project tree 2026-06-25 16:40:27 -05:00
render.py
server.py fix(cli,tui-gateway): sanitize env and redact output in exec quick commands 2026-07-01 00:41:02 -07:00
slash_worker.py revert(windows): roll back terminal-popup PRs #53791 #53810 #53829 (#53853) 2026-06-27 15:59:00 -07:00
transport.py fix(tui-gateway): harden stdio transport against half-closed pipes + SIGTERM races (#17118) 2026-04-28 17:54:06 -05:00
ws.py fix(tui_gateway): prevent WS disconnect under GIL pressure 2026-06-30 03:11:13 -07:00