coolify/bootstrap
Andras Bacsai 954203db8c
fix: Add escapeshellarg() to prevent command injection in loadConfigFromGit
Add defense-in-depth shell argument escaping for repository URL, branch name,
and base_directory parameters in the loadConfigFromGit function. While input
validation rules already block dangerous characters, escapeshellarg() provides
an additional security layer at the function level.

Also adds comprehensive unit tests for shell argument escaping behavior.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-27 19:20:38 +01:00
cache init of v4 🌮 2023-03-17 15:33:48 +01:00
helpers fix: Add escapeshellarg() to prevent command injection in loadConfigFromGit 2025-12-27 19:20:38 +01:00
app.php testing php storm code cleanup and styling 2023-08-08 11:51:36 +02:00
getHelperVersion.php chore(versions): update coolify versions to v4.0.0-beta.389 and add helper version retrieval script 2025-01-22 14:01:05 +01:00
getRealtimeVersion.php refactor(workflows): replace jq with PHP script for version retrieval in workflows 2025-01-22 14:05:29 +01:00
getVersion.php Refactor getVersion.php to prevent GitHub Actions failure 2024-11-26 10:53:34 +01:00
includeHelpers.php Fix styling 2024-06-10 20:43:34 +00:00