coolify

rosslh/coolify

Fork 0

Commit graph

Author	SHA1	Message	Date
Andras Bacsai	096d4369e5	fix(sentinel): add token validation to prevent command injection Add validation to ensure sentinel tokens contain only safe characters (alphanumeric, dots, hyphens, underscores, plus, forward slash, equals), preventing OS command injection vulnerabilities when tokens are interpolated into shell commands. - Add ServerSetting::isValidSentinelToken() validation method - Validate tokens in StartSentinel action and metrics queries - Improve shell argument escaping with escapeshellarg() - Add comprehensive test coverage for token validation	2026-03-10 22:19:19 +01:00
Andras Bacsai	f995426fb3	fix(sentinel): Add missing instantSave method and prevent duplicate notifications - Add public instantSave() method to handle instant saves from checkbox clicks - Remove redundant updatedIsMetricsEnabled() and updatedIsSentinelDebugEnabled() hooks - These hooks were causing duplicate notifications when checkboxes were toggled The instantSave attribute on checkboxes triggers wire:click='instantSave', which was failing because the method didn't exist. Now it saves settings and restarts Sentinel in one action, preventing the duplicate updates from both wire:click and wire:model events. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2025-12-23 15:34:09 +01:00
Andras Bacsai	9675d74360	refactor: move Swarm and Sentinel to dedicated sidebar menu items - Create new Server/Swarm.php Livewire component and view for Swarm configuration - Create new Server/Sentinel.php Livewire component and view for Sentinel settings - Add server.swarm and server.sentinel routes - Move Swarm and Sentinel sections from General page to sidebar menu items - Improve organization by separating concerns into dedicated pages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>	2025-12-18 12:18:22 +01:00

Author

SHA1

Message

Date

Andras Bacsai

096d4369e5

fix(sentinel): add token validation to prevent command injection

Add validation to ensure sentinel tokens contain only safe characters
(alphanumeric, dots, hyphens, underscores, plus, forward slash, equals),
preventing OS command injection vulnerabilities when tokens are
interpolated into shell commands.

- Add ServerSetting::isValidSentinelToken() validation method
- Validate tokens in StartSentinel action and metrics queries
- Improve shell argument escaping with escapeshellarg()
- Add comprehensive test coverage for token validation

2026-03-10 22:19:19 +01:00

Andras Bacsai

f995426fb3

fix(sentinel): Add missing instantSave method and prevent duplicate notifications

- Add public instantSave() method to handle instant saves from checkbox clicks
- Remove redundant updatedIsMetricsEnabled() and updatedIsSentinelDebugEnabled() hooks
- These hooks were causing duplicate notifications when checkboxes were toggled

The instantSave attribute on checkboxes triggers wire:click='instantSave', which was failing
because the method didn't exist. Now it saves settings and restarts Sentinel in one action,
preventing the duplicate updates from both wire:click and wire:model events.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

2025-12-23 15:34:09 +01:00

Andras Bacsai

9675d74360

refactor: move Swarm and Sentinel to dedicated sidebar menu items

- Create new Server/Swarm.php Livewire component and view for Swarm configuration
- Create new Server/Sentinel.php Livewire component and view for Sentinel settings
- Add server.swarm and server.sentinel routes
- Move Swarm and Sentinel sections from General page to sidebar menu items
- Improve organization by separating concerns into dedicated pages

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

2025-12-18 12:18:22 +01:00

3 commits