docs: acknowledge Y4tacker security report#6038
Conversation
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Code Review
This pull request updates the SECURITY.md file to add a 'Security Acknowledgements' section, thanking a security researcher for reporting a command injection vulnerability. There are no review comments, and I have no additional feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Deploying egg with
|
| Latest commit: |
24e53d6
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://d61ab5af.egg-cci.pages.dev |
| Branch Preview URL: | https://agent-add-y4tacker-security.egg-cci.pages.dev |
Deploying egg-v3 with
|
| Latest commit: |
24e53d6
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://5e78754e.egg-v3.pages.dev |
| Branch Preview URL: | https://agent-add-y4tacker-security.egg-v3.pages.dev |
Summary
Add a Security Acknowledgements section to
SECURITY.mdand credit Y4tacker for responsibly reporting the command injection vulnerability in@eggjs/security'sescapeShellArghelper.References
Validation
Documentation-only change; verified the acknowledgement and fix links in the rendered Markdown structure.