fix(scripts): harden bash scripts — escape, compat, and error handling (#1869)

* fix(scripts): harden bash scripts with escape, compat, and cleanup fixes - common.sh: complete RFC 8259 JSON escape (\b, \f, strip control chars) - common.sh: distinguish python3 success-empty vs failure in resolve_template - check-prerequisites.sh: escape doc names through json_escape in fallback path - create-new-feature.sh: remove duplicate json_escape (already in common.sh) - create-new-feature.sh: warn on stderr when spec template is not found - update-agent-context.sh: move nested function to top-level for bash 3.2 compat * fix(scripts): explicit resolve_template return code and best-effort agent updates - common.sh: resolve_template now returns 1 when no template is found, making the "not found" case explicit instead of relying on empty stdout - setup-plan.sh, create-new-feature.sh: add || true to resolve_template calls so set -e does not abort on missing templates (non-fatal) - update-agent-context.sh: accumulate errors in update_all_existing_agents instead of silently discarding them — all agents are attempted and the composite result is returned, matching the PowerShell equivalent behavior * style(scripts): add clarifying comment in resolve_template preset branch * fix(scripts): wrap python3 call in if-condition to prevent set -e abort Move the python3 command substitution in resolve_template into an if-condition so that a non-zero exit (e.g. invalid .registry JSON) does not abort the function under set -e. The fallback directory scan now executes as intended regardless of caller errexit settings. * fix(scripts): track agent file existence before update and avoid top-level globals - _update_if_new now records the path and sets _found_agent before calling update_agent_file, so that failures do not cause duplicate attempts on aliased paths (AMP/KIRO/BOB -> AGENTS_FILE) or false "no agent files found" fallback triggers - Remove top-level initialisation of _updated_paths and _found_agent; they are now created exclusively inside update_all_existing_agents, keeping the script side-effect free when sourced
2026-03-17 19:03:08 +00:00 · 2026-03-16 23:51:47 +01:00
parent 82b8ce4295
commit 9c0c1446ec
5 changed files with 87 additions and 72 deletions
--- a/scripts/bash/common.sh
+++ b/scripts/bash/common.sh
@@ -161,7 +161,7 @@ has_jq() {
 }

 # Escape a string for safe embedding in a JSON value (fallback when jq is unavailable).
-# Handles backslash, double-quote, and control characters (newline, tab, carriage return).
+# Handles backslash, double-quote, and JSON-required control character escapes (RFC 8259).
 json_escape() {
    local s="$1"
    s="${s//\\/\\\\}"
@@ -169,6 +169,10 @@ json_escape() {
    s="${s//$'\n'/\\n}"
    s="${s//$'\t'/\\t}"
    s="${s//$'\r'/\\r}"
+    s="${s//$'\b'/\\b}"
+    s="${s//$'\f'/\\f}"
+    # Strip remaining control characters (U+0000–U+001F) not individually escaped above
+    s=$(printf '%s' "$s" | tr -d '\000-\007\013\016-\037')
    printf '%s' "$s"
 }

@@ -194,9 +198,11 @@ resolve_template() {
    if [ -d "$presets_dir" ]; then
        local registry_file="$presets_dir/.registry"
        if [ -f "$registry_file" ] && command -v python3 >/dev/null 2>&1; then
-            # Read preset IDs sorted by priority (lower number = higher precedence)
-            local sorted_presets
-            sorted_presets=$(SPECKIT_REGISTRY="$registry_file" python3 -c "
+            # Read preset IDs sorted by priority (lower number = higher precedence).
+            # The python3 call is wrapped in an if-condition so that set -e does not
+            # abort the function when python3 exits non-zero (e.g. invalid JSON).
+            local sorted_presets=""
+            if sorted_presets=$(SPECKIT_REGISTRY="$registry_file" python3 -c "
 import json, sys, os
 try:
    with open(os.environ['SPECKIT_REGISTRY']) as f:
@@ -206,14 +212,17 @@ try:
        print(pid)
 except Exception:
    sys.exit(1)
-" 2>/dev/null)
-            if [ $? -eq 0 ] && [ -n "$sorted_presets" ]; then
-                while IFS= read -r preset_id; do
-                    local candidate="$presets_dir/$preset_id/templates/${template_name}.md"
-                    [ -f "$candidate" ] && echo "$candidate" && return 0
-                done <<< "$sorted_presets"
+" 2>/dev/null); then
+                if [ -n "$sorted_presets" ]; then
+                    # python3 succeeded and returned preset IDs — search in priority order
+                    while IFS= read -r preset_id; do
+                        local candidate="$presets_dir/$preset_id/templates/${template_name}.md"
+                        [ -f "$candidate" ] && echo "$candidate" && return 0
+                    done <<< "$sorted_presets"
+                fi
+                # python3 succeeded but registry has no presets — nothing to search
            else
-                # python3 returned empty list — fall through to directory scan
+                # python3 failed (missing, or registry parse error) — fall back to unordered directory scan
                for preset in "$presets_dir"/*/; do
                    [ -d "$preset" ] || continue
                    local candidate="$preset/templates/${template_name}.md"
@@ -246,8 +255,9 @@ except Exception:
    local core="$base/${template_name}.md"
    [ -f "$core" ] && echo "$core" && return 0

-    # Return success with empty output so callers using set -e don't abort;
-    # callers check [ -n "$TEMPLATE" ] to detect "not found".
-    return 0
+    # Template not found in any location.
+    # Return 1 so callers can distinguish "not found" from "found".
+    # Callers running under set -e should use: TEMPLATE=$(resolve_template ...) || true
+    return 1
 }