phylum-dev / cli

Command line interface for the Phylum API
https://phylum.io
GNU General Public License v3.0

Fix termination of sandboxed processes #1400

Closed cd-work closed 2 months ago

cd-work commented 2 months ago

Subprocesses spawned inside a sandbox for extensions or lockfile generation would keep running when the CLI is killed, since signals were not propagated to the child process.

This patch updates the CLI to use Birdcage 0.8.0, which spawns a separate init process for PID 1 inside the PID namespace, automatically terminating any child even if unresponsive.

Closes #1370.
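
The kernel behaviour the description relies on, as an added C example that is not code from this PR, the Phylum CLI, or Birdcage: when PID 1 of a PID namespace exits, Linux sends SIGKILL to every other process in that namespace, so a child that ignores SIGTERM still dies. The function name and the pipe-based liveness check are assumptions of this sketch, and it returns -1 where unprivileged user namespaces are disabled.

```c
#define _GNU_SOURCE
#include <poll.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Added illustration (Linux only), not Birdcage code.
 * 1: stubborn process died with the namespace init, 0: it survived,
 * -1: PID/user namespaces are unavailable in this environment. */
int stubborn_child_dies_with_init(void) {
    int fds[2], st;
    if (pipe(fds) != 0) return -1;
    pid_t helper = fork();            /* keeps the caller's namespaces untouched */
    if (helper < 0) return -1;
    if (helper == 0) {
        close(fds[0]);
        if (unshare(CLONE_NEWUSER | CLONE_NEWPID) != 0) _exit(2);
        pid_t init = fork();          /* first fork after unshare becomes PID 1 */
        if (init < 0) _exit(2);
        if (init == 0) {
            pid_t stubborn = fork();
            if (stubborn < 0) _exit(2);
            if (stubborn == 0) {      /* ignores polite termination requests */
                signal(SIGTERM, SIG_IGN);
                for (;;) pause();
            }
            _exit(0);                 /* init exits: kernel SIGKILLs the namespace */
        }
        close(fds[1]);
        if (waitpid(init, &st, 0) < 0 || !WIFEXITED(st)) _exit(2);
        _exit(WEXITSTATUS(st));
    }
    close(fds[1]);
    if (waitpid(helper, &st, 0) < 0 || !WIFEXITED(st) || WEXITSTATUS(st) != 0) {
        close(fds[0]);
        return -1;
    }
    /* Only the stubborn process still held the write end; HUP means it is dead. */
    struct pollfd p = { .fd = fds[0], .events = POLLIN };
    int ready = poll(&p, 1, 2000);
    close(fds[0]);
    return ready > 0 ? 1 : 0;
}

int main(void) {
    printf("result: %d\n", stubborn_child_dies_with_init());
    return 0;
}
```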

phylum-io[bot] commented 2 months ago

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE

The analysis contains 1 package(s) Phylum has not yet processed, preventing a complete risk analysis. Phylum is processing these packages currently and should complete soon. Please wait for up to 30 minutes, then re-run the analysis.


phylum-io[bot] commented 2 months ago

Phylum OSS Supply Chain Risk Analysis - SUCCESS

The Phylum risk analysis is complete and has passed the active policy.


phylum-io[bot] commented 2 months ago

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE

The analysis contains 1 package(s) Phylum has not yet processed, preventing a complete risk analysis. Phylum is processing these packages currently and should complete soon. Please wait for up to 30 minutes, then re-run the analysis.
