From db647c98134e4a2aaeded2deee6d32f1dc7a9c27 Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Sun, 12 Apr 2026 11:43:12 +0000
Subject: [PATCH] fix: V-001 security vulnerability

Automated security fix generated by Orbis Security AI
---
 tests/snapshots/generate_snapshots.py | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/tests/snapshots/generate_snapshots.py b/tests/snapshots/generate_snapshots.py
index bb7d69ba..f8c14541 100755
--- a/tests/snapshots/generate_snapshots.py
+++ b/tests/snapshots/generate_snapshots.py
@@ -23,18 +23,19 @@ def generate_style_snapshot(style):
 
 
 def generate_snapshot(name, arguments):
-    command = "cargo run -- --paging=never --color=never --decorations=always "
-    command += "{args} sample.rs > output/{name}.snapshot.txt".format(
-        name=name,
-        args=arguments
-    )
+    output_file = "output/{name}.snapshot.txt".format(name=name)
+    command = [
+        "cargo", "run", "--", "--paging=never", "--color=never",
+        "--decorations=always", arguments, "sample.rs"
+    ]
     print("generating snapshot for {}".format(name))
-    subprocess.call(command, shell=True)
+    with open(output_file, "w") as f:
+        subprocess.call(command, stdout=f)
 
 
 def build_bat():
     print("building bat")
-    subprocess.call("cargo build", cwd="../..", shell=True)
+    subprocess.call(["cargo", "build"], cwd="../..")
 
 
 def prepare_output_dir():
@@ -49,7 +50,7 @@ def modify_sample_file():
 
 def undo_sample_file_modification():
     print("undoing sample.rs modifications")
-    subprocess.call("git checkout -- sample.rs", shell=True)
+    subprocess.call(["git", "checkout", "--", "sample.rs"])
 
 
 build_bat()