Lines 439-487javascript
439 let i = 0, label = text2;
440 const iv = setInterval(() => process.stderr.write(`\r${paint.cyan(frames[i = (i + 1) % frames.length])} ${label} `), 80);
447 process.stderr.write("\r\x1B[K" + (final ? final + "\n" : ""));
451async function ask(question) {
452 const rl = createInterface({ input: process.stdin, output: process.stderr });
454 return (await new Promise((res) => rl.question(question, res))).trim();
459function note(ctx, msg) {
460 if (!ctx.quiet) process.stderr.write(msg + "\n");
463// src/commands/init.ts
464import { defineCommand as defineCommand2 } from "citty";
466// src/commands/login.ts
467import { defineCommand } from "citty";
468import { spawn } from "child_process";
469import { createServer } from "http";
470import { randomBytes } from "crypto";
HighCommand Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/pt.jsView on unpkg · L459 471import { hostname } from "os";
472function openBrowser(url2) {
473 const [cmd, args] = process.platform === "darwin" ? ["open", [url2]] : process.platform === "win32" ? ["cmd", ["/c", "start", "", url2]] : [
475 spawn(cmd, args, { stdio: "ignore", detached: true }).unref();
479function loopbackLogin(ctx, dash) {
480 const state = randomBytes(16).toString("hex");
481 return new Promise((resolve, reject) => {
483 const done = (fn) => {