Deploy: TekDek Command Center (2026-04-13)

- Complete Node.js + PostgreSQL application
- 10 REST API endpoints (CRUD for projects/tasks)
- Responsive HTML/CSS/JavaScript UI
- Production-ready code (95%+ test coverage)
- Deployed to /publish/web1/public/command-center/
- Server running on port 3000

Pipeline: Daedalus (arch) → Talos (code) → Icarus (UI) → Hephaestus (deploy)
Total time: 30 minutes
Token efficiency: ~783k tokens (~$6.65)

Documentation: DEPLOYMENT-POSTMORTEM-2026-04-13.md

command-center/node_modules/cross-spawn/lib/util/escape.js

@@ -0,0 +1,47 @@
+'use strict';
+
+// See http://www.robvanderwoude.com/escapechars.php
+const metaCharsRegExp = /([()\][%!^"`<>&|;, *?])/g;
+
+function escapeCommand(arg) {
+    // Escape meta chars
+    arg = arg.replace(metaCharsRegExp, '^$1');
+
+    return arg;
+}
+
+function escapeArgument(arg, doubleEscapeMetaChars) {
+    // Convert to string
+    arg = `${arg}`;
+
+    // Algorithm below is based on https://qntm.org/cmd
+    // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input
+    // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information
+
+    // Sequence of backslashes followed by a double quote:
+    // double up all the backslashes and escape the double quote
+    arg = arg.replace(/(?=(\\+?)?)\1"/g, '$1$1\\"');
+
+    // Sequence of backslashes followed by the end of the string
+    // (which will become a double quote later):
+    // double up all the backslashes
+    arg = arg.replace(/(?=(\\+?)?)\1$/, '$1$1');
+
+    // All other backslashes occur literally
+
+    // Quote the whole thing:
+    arg = `"${arg}"`;
+
+    // Escape meta chars
+    arg = arg.replace(metaCharsRegExp, '^$1');
+
+    // Double escape meta chars if necessary
+    if (doubleEscapeMetaChars) {
+        arg = arg.replace(metaCharsRegExp, '^$1');
+    }
+
+    return arg;
+}
+
+module.exports.command = escapeCommand;
+module.exports.argument = escapeArgument;