v0.16.0
To mitigate the "BatBadBut vulnerability," this release introduces a significant breaking change that restricts execution of cmd.exe
.
For details, refer to the description of ChildProcessStartingBlockedException
. For background information, refer to the document on the "BatBadBut vulnerability": https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
Binary Breaking Changes
- (Windows) Executing
cmd.exe
now requiresChildProcessFlags.DisableArgumentQuoting
. - (Windows) Batch files (
*.bat
/*.cmd
) can no longer be executed.