Security:
- 🔒 Fix: Escaped user-controlled configuration values (
cheatsDir,cacheFile) in the Plasma 6 widget's indexer command to prevent shell injection. Previously these values were interpolated with only double-quote wrapping, which does not prevent$()or backtick expansion. Now uses single-quote escaping via sharedescapeShell()/bashSafePath()utilities added tocheats.js.
Full Changelog: https://github.com/dominatos/devtoolbox-cheats/blob/main/CHANGELOG.md