spath-cli 0.1.0

A Windows PATH security scanner and fixer - detects and fixes unquoted paths with spaces
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

# spath


![spath banner](img/1765746905745-019b1eb7-0a53-7269-9766-481e69cf3b4e.png)

**Languages:** [Русский](docs/README.ru.md) | [日本語](docs/README.ja.md)

Windows PATH security scanner and optimizer.

## Problem


Windows PATH entries with spaces but without quotes create security vulnerabilities that can be exploited for privilege escalation attacks.

## Solution


spath detects and fixes these vulnerabilities automatically.

## Installation


### Download (easiest)


Download from [GitHub Releases](https://github.com/vremyavnikuda/spath_cli/releases):

- `spath-setup.exe` — Installer (adds to PATH automatically)
- `spath.exe` — Standalone executable
- `spath-windows-x64.zip` — Archive with docs

### From crates.io


```bash
cargo install spath-cli
```

### From source


```bash
cargo build --release
```

Binary location: `target/release/spath.exe`

## Commands


### Scan


Analyze PATH for security issues.

```bash
spath scan
spath scan --verbose
spath scan --audit
```

### Fix


Fix USER PATH issues (no admin required).

```bash
spath fix --dry-run
spath fix
spath fix --delicate
```

### Analyze


Analyze both SYSTEM and USER PATH.

```bash
spath analyze
```

### Clean


Remove duplicate paths and optimize PATH.

```bash
spath clean --dry-run
spath clean
spath clean --system
spath clean --delicate
```

### Backup Management


```bash
spath backup
spath list-backups
spath restore <backup-file>
spath restore <backup-file> --delicate
```

## Issue Types


**CRITICAL**: Unquoted paths with spaces - security vulnerability

**WARNING**: Non-existent paths or relative paths

**INFO**: Informational messages

## Workflow


1. Scan: `spath scan --audit`
2. Analyze: `spath analyze`
3. Backup: `spath backup`
4. Fix USER PATH: `spath fix`
5. Remove duplicates: `spath clean`
6. If needed, restore: `spath restore <backup-file>`

## Requirements


- Windows 10 or later
- Rust 1.70+ (for building from source)

## Options


- `--dry-run` or `-d` - Preview changes without applying
- `--delicate` - Ask for confirmation before applying changes
- `--system` or `-s` - Include SYSTEM PATH operations (requires admin)
- `--verbose` or `-v` - Show detailed information
- `--audit` or `-a` - Show detailed audit report

## Notes


- USER PATH changes do not require administrator rights
- SYSTEM PATH changes require administrator rights
- Automatic backup before any changes
- Restart applications to apply PATH changes
- Use `--delicate` for extra safety with confirmation prompts

## License


MIT License - see the [LICENSE](LICENSE) file for details