Fix plugin discovery logic and restore missing geometry method#3
Merged
srpatcha merged 1 commit intoembeddedos-org:masterfrom Apr 17, 2026
Merged
Conversation
RinZ27
requested review from
hshanmug12,
maheshmunnangi and
srpatcha
as code owners
RinZ27
force-pushed
the
fix/rce-plugin-discovery
branch
from
9b77d29 to
6bef502
Compare
RinZ27
changed the title
srpatcha
approved these changes
Apr 17, 2026
Member
srpatcha
left a comment
srpatcha
left a comment
There was a problem hiding this comment.
LGTM - Security fix removing CWD from plugin search and compute_normals restoration. CI green.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Removing the current working directory from the plugin search path is necessary to prevent unauthorized code execution when opening untrusted projects. While testing this change, I noticed the STL exporter tests were failing due to a missing
compute_normalsmethod in theMeshclass, likely a regression from the initial extraction.Restoring this method ensures the test suite passes and improves overall geometry robustness. Both the security fix and the supporting structural fix have been verified locally with the full test suite.