Revert process_manager.rb changes from commit 5740b0e

- Remove PROCESS_MANAGERS constant (revert to explicit calls)
- Revert procfile validation to stricter shell metacharacter check
- Keep spec file changes from commit 5740b0e (around hook improvements)

Co-authored-by: Abanoub Ghadban <[email protected]>

Author: github-actions[bot]

lib/react_on_rails/dev/process_manager.rb

@@ -8,9 +8,6 @@ class ProcessManager
       # Timeout for version check operations to prevent hanging
       VERSION_CHECK_TIMEOUT = 5
 
-      # Process managers in order of preference
-      PROCESS_MANAGERS = %w[overmind foreman].freeze
-
       class << self
         # Check if a process is available and usable in the current execution context
         # This accounts for bundler context where system commands might be intercepted
@@ -39,9 +36,8 @@ def run_with_process_manager(procfile)
           FileManager.cleanup_stale_files
 
           # Try process managers in order of preference
-          PROCESS_MANAGERS.each do |pm|
-            return if run_process_if_available(pm, ["start", "-f", procfile])
-          end
+          return if run_process_if_available("overmind", ["start", "-f", procfile])
+          return if run_process_if_available("foreman", ["start", "-f", procfile])
 
           show_process_manager_installation_help
           exit 1
@@ -159,9 +155,11 @@ def show_process_manager_installation_help
         end
 
         def valid_procfile_path?(procfile)
-          # system is invoked with args (no shell), so shell metacharacters are safe.
-          # Ensure it's a readable regular file.
-          File.file?(procfile) && File.readable?(procfile)
+          # Reject paths with shell metacharacters
+          return false if procfile.match?(/[;&|`$(){}\[\]<>]/)
+
+          # Ensure it's a readable file
+          File.readable?(procfile)
         rescue StandardError
           false
         end