wakatime / wakatime-mode

Emacs plugin for automatic time tracking and metrics generated from your programming activity.
https://wakatime.com/emacs

Security: Sanitize filename passed to wakatime shell command #53

Closed juergenhoetzel closed 2 years ago

juergenhoetzel commented 3 years ago

This prevents executing arbitrary shell commands by using maliciously crafted filenames like '";touch hello.txt;"'
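The problem described in the comment above, with two ways to avoid it, as an added Emacs Lisp example (not the PR's diff and not wakatime-mode's own code). The `demo-` names and the use of `echo` as a stand-in for the CLI are assumptions.

```emacs-lisp
;;; Added illustration. All `demo-' names are hypothetical and do not
;;; come from wakatime-mode. Only the safe variant is actually executed.

(defvar demo-cli "echo"
  "Stand-in for the time-tracking CLI; `echo' prints the arguments it gets.")

(defun demo-command-unquoted (file)
  "Return a shell command line with FILE pasted between double quotes.
A double quote inside FILE closes the quoting early, so the rest of
the name is parsed by the shell as syntax."
  (format "%s --file \"%s\"" demo-cli file))

(defun demo-command-quoted (file)
  "Return a shell command line with FILE passed through `shell-quote-argument'.
Every shell metacharacter in FILE is escaped, so it stays one word."
  (format "%s --file %s" demo-cli (shell-quote-argument file)))

(defun demo-run-no-shell (file)
  "Run the CLI with FILE as a single argv entry and return its output.
`call-process' executes the program directly; no shell parses FILE."
  (with-temp-buffer
    (call-process demo-cli nil t nil "--file" file)
    (buffer-string)))

;; The filename from the PR description.
(let ((file "\";touch hello.txt;\""))
  ;; Command line as built without sanitizing: the `;' characters end up
  ;; outside the quotes and act as command separators.
  (message "unquoted: %s" (demo-command-unquoted file))
  ;; Same filename after quoting: one argument, no separators.
  (message "quoted:   %s" (demo-command-quoted file))
  ;; Bypassing the shell entirely: the name arrives at the program verbatim.
  (message "no shell: %s" (demo-run-no-shell file)))
```

Evaluating the buffer prints the three results to `*Messages*`; comparing the first two lines shows where the unquoted form lets the filename break out of its argument.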

alanhamlett commented 2 years ago

That's great, thank you!