Add package validation guard and make pacman idempotent
- Add explicit validation in UpdatePackage to require package name when 'all' is false, preventing empty package commands being sent to servers - Add --needed flag to pacman install in InstallDocker for idempotent Docker installation on Arch Linux 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Andras Bacsai
parent
9bb77da9a4
commit
089007919d
2 changed files with 9 additions and 1 deletions
|
|
@ -158,7 +158,8 @@ private function getArchDockerInstallCommand(): string
|
|||
// Use -Syu to perform full system upgrade before installing Docker
|
||||
// Partial upgrades (-Sy without -u) are discouraged on Arch Linux
|
||||
// as they can lead to broken dependencies and system instability
|
||||
return 'pacman -Syu --noconfirm docker docker-compose && '.
|
||||
// Use --needed to skip reinstalling packages that are already up-to-date (idempotent)
|
||||
return 'pacman -Syu --noconfirm --needed docker docker-compose && '.
|
||||
'systemctl enable docker.service && '.
|
||||
'systemctl start docker.service';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,6 +21,13 @@ public function handle(Server $server, string $osId, ?string $package = null, ?s
|
|||
];
|
||||
}
|
||||
|
||||
// Validate that package name is provided when not updating all packages
|
||||
if (! $all && ($package === null || $package === '')) {
|
||||
return [
|
||||
'error' => "Package name required when 'all' is false.",
|
||||
];
|
||||
}
|
||||
|
||||
// Sanitize package name to prevent command injection
|
||||
// Only allow alphanumeric characters, hyphens, underscores, periods, plus signs, and colons
|
||||
// These are valid characters in package names across most package managers
|
||||
|
|
|
|||
Loading…
Reference in a new issue