Skip to content

sync: upstream @just-bash/executor@2.0.0#17

Open
github-actions[bot] wants to merge 10 commits into
flowglad-mainfrom
sync-@just-bash/executor@2.0.0
Open

sync: upstream @just-bash/executor@2.0.0#17
github-actions[bot] wants to merge 10 commits into
flowglad-mainfrom
sync-@just-bash/executor@2.0.0

Conversation

@github-actions

@github-actions github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

Automated upstream sync to @just-bash/executor@2.0.0.

Source merge clean; pnpm install, build, typecheck, and focused patched-behavior tests all passed. After merge, cut the next Flowglad package-root tag with pnpm flowglad:tag --tag v@just-bash/executor@2.0.0-fgp.<n> --push.


View with Codesmith Autofix with Codesmith
Need help on this PR? Tag /codesmith with what you need. Autofix is disabled.

mutewinter and others added 10 commits June 29, 2026 04:40
…ense-in-depth (vercel-labs#273) (vercel-labs#277)

Any non-export variable assignment (bare SECRET=s, prefixed SECRET=s cmd, or
before a custom command) failed under defense-in-depth with 'dynamic import of
Node.js builtin node:module is blocked during script execution'. The assignment
path resolved isArray via await import(./expansion.js), whose bundled chunk
imports node:module via the createRequire banner; the defense ESM resolve hook
blocked it. expansion.js is already statically imported, so isArray now comes
from that static import and both lazy imports are removed.
…rings (vercel-labs#259) (vercel-labs#276)

normalizeScript() trimStart()s leading indentation from script lines so
indented template literals parse, but it ran line-by-line and also stripped
leading whitespace inside multi-line single/double-quoted strings (e.g.
python3 -c with an indented body -> IndentationError). Make it quote-aware,
mirroring the earlier heredoc-aware fix: track open quote state across lines
and only strip indentation from lines that begin outside any quote; lines
that begin inside an unterminated quote are preserved verbatim. Un-skips four
sed spec tests whose indented stdin was being corrupted.
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…ercel-labs#268)

* test(jq): add tests for string interpolation with nested double-quoted s

Agent-Id: agent-12c8b5b5-e758-422a-bee6-ab6b2e25517d
Linked-Note-Id: 8fe42115-4710-4194-aed6-c1449d679579

* fix(jq): handle nested string literals in \(...) interpolation expressio

Agent-Id: agent-9bd6017d-ea22-4bd6-8190-b306d67d0cbc
Linked-Note-Id: edb667b3-8f39-4a48-b003-3ec0b657dcda

* chore: add changeset for jq nested string interpolation fix

Agent-Id: agent-4db0ce47-132c-4959-81a1-0f363ca00c71
Linked-Note-Id: c350e3c0-9d82-4715-b108-f7bc79a4e1a5

* test: unskip jq nested interpolation spec

Signed-off-by: Lars Trieloff <lars@trieloff.net>

---------

Signed-off-by: Lars Trieloff <lars@trieloff.net>
When rg receives piped stdin with no explicit path arguments, it now
searches stdin instead of defaulting to the current directory. This
matches real ripgrep behavior and is consistent with how grep already
handles stdin in just-bash.

The fix checks for non-empty stdin before defaulting to ".". When stdin
has content and no paths are given, searchContent is called directly on
the stdin text with all applicable options (invert, count, context, etc).

Also fixes the existing rg.utf8-stdin test which was previously passing
by accident — it tested piped stdin but rg was actually searching the
filesystem.

Fixes vercel-labs#280
…cel-labs#284)

Add the optional BashOptions capability flags (python, javascript, commands,
customCommands, fetch) to SandboxOptions and forward them into the internal
new Bash({...}) that Sandbox.create builds. They were previously dropped, so a
host driving just-bash via the Sandbox API could not enable python3, js-exec, a
restricted command set, custom commands, or a custom fetch even though the
runtimes ship in the package.

Behavior is unchanged when the fields are omitted (each falls back to its
existing BashOptions default). Adds forwarding tests in the unit suite
(customCommands + restricted commands) and a python3 end-to-end test in the
WASM suite, plus a changeset.

Signed-off-by: Ari Mayer <ari111097@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@github-actions github-actions Bot added the ready-for-merge Auto-sync PR with clean merge + green build label Jul 8, 2026
@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
0 out of 7 committers have signed the CLA.

❌ privatenumber
❌ mutewinter
❌ trieloff
❌ github-actions[bot]
❌ flowglad-sync[bot]
❌ arimxyer
❌ mohan-garimella


flowglad-sync[bot] seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ready-for-merge Auto-sync PR with clean merge + green build

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants