rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Models
History
Andras Bacsai 096d4369e5 fix(sentinel): add token validation to prevent command injection 
Add validation to ensure sentinel tokens contain only safe characters
(alphanumeric, dots, hyphens, underscores, plus, forward slash, equals),
preventing OS command injection vulnerabilities when tokens are
interpolated into shell commands.

- Add ServerSetting::isValidSentinelToken() validation method
- Validate tokens in StartSentinel action and metrics queries
- Improve shell argument escaping with escapeshellarg()
- Add comprehensive test coverage for token validation
2026-03-10 22:19:19 +01:00
..
Application.php docs(application): add comments explaining commit selection logic for rollback support 2026-03-03 08:54:58 +01:00
ApplicationDeploymentQueue.php fix: add datetime cast to finished_at column (#7418) 2026-01-04 17:23:22 +01:00
ApplicationPreview.php test: Add comprehensive preview deployment port and path tests 2025-12-17 21:35:54 +01:00
ApplicationSetting.php Add per-application Docker image retention for rollback capability 2025-12-05 11:02:07 +01:00
BaseModel.php refactor: rename name method to sanitizedName in BaseModel for clarity 2024-12-10 08:50:07 +01:00
CloudInitScript.php refactor: improve cloud-init script UX and remove description field 2025-10-11 11:16:28 +02:00
CloudProviderToken.php fix: add UUID support to CloudProviderToken model 2025-12-10 08:59:13 +01:00
DiscordNotificationSettings.php feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-14 11:35:22 +01:00
DockerCleanupExecution.php feat: DB and Model for docker cleanup executions 2025-01-15 17:11:15 +01:00
EmailNotificationSettings.php feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-14 11:35:22 +01:00
Environment.php test(factories): add missing model factories for app test suite 2026-03-03 09:50:05 +01:00
EnvironmentVariable.php feat(models): add is_required to EnvironmentVariable fillable array 2026-03-02 12:34:30 +01:00
GithubApp.php fixed github app deleting private key when it is used by other resources 2025-10-30 01:16:59 +05:30
GitlabApp.php fix: access team's github apps only 2024-10-24 13:28:31 +02:00
InstanceSettings.php fix: optimize queries and caching for projects and environments 2026-01-16 11:51:26 +01:00
LocalFileVolume.php fix: Improve read-only volume detection and UI messaging 2025-12-11 21:25:33 +01:00
LocalPersistentVolume.php fix: Prevent N+1 query in LocalPersistentVolume.isDockerComposeResource() 2025-12-11 21:23:46 +01:00
OauthSetting.php feat(auth): Add Clerk OAuth Provider (#5553) 2025-06-18 14:29:46 +02:00
PersonalAccessToken.php Fix styling 2024-06-10 20:43:34 +00:00
PrivateKey.php chore: prepare for PR 2026-02-26 16:27:02 +01:00
Project.php test(factories): add missing model factories for app test suite 2026-03-03 09:50:05 +01:00
ProjectSetting.php feat: initial api endpoints 2024-02-16 21:56:38 +01:00
PushoverNotificationSettings.php feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-14 11:35:22 +01:00
S3Storage.php Fix S3 credential whitespace issue with proper trimming 2025-12-15 12:05:54 +01:00
ScheduledDatabaseBackup.php fix(models): update sorting of scheduled database backups to order by creation date instead of name 2025-09-26 08:24:38 +02:00
ScheduledDatabaseBackupExecution.php feat(backup): enhance backup job with S3 upload handling and notifications 2025-10-07 15:02:23 +02:00
ScheduledTask.php test(factories): add missing model factories for app test suite 2026-03-03 09:50:05 +01:00
ScheduledTaskExecution.php fix(api): improve scheduled tasks API with auth, validation, and execution endpoints 2026-02-18 11:53:58 +01:00
Server.php chore: prepare for PR 2026-03-03 11:51:38 +01:00
ServerSetting.php fix(sentinel): add token validation to prevent command injection 2026-03-10 22:19:19 +01:00
Service.php feat(openclaw): add Openclaw service with environment variables and health checks 2026-02-09 12:33:17 +01:00
ServiceApplication.php fix(service): resolve team lookup via service relationship 2026-02-23 13:23:12 +01:00
ServiceDatabase.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
SharedEnvironmentVariable.php feat: add comment field to shared environment variables 2025-12-27 15:24:09 +01:00
SlackNotificationSettings.php feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-14 11:35:22 +01:00
SslCertificate.php fix(ssl): when regenerating SSL certs the cert is not singed with the new CN 2025-02-07 19:36:52 +01:00
StandaloneClickhouse.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneDocker.php test(factories): add missing model factories for app test suite 2026-03-03 09:50:05 +01:00
StandaloneDragonfly.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneKeydb.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneMariadb.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneMongodb.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneMysql.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandalonePostgresql.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
StandaloneRedis.php feat: add configurable timeout for public database TCP proxy 2026-02-26 21:12:58 -08:00
Subscription.php fix(subscription): harden quantity updates and proxy trust behavior 2026-03-03 12:28:16 +01:00
SwarmDocker.php fix: optimize queries and caching for projects and environments 2026-01-16 11:51:26 +01:00
Tag.php feat(validation): centralize validation patterns for names and descriptions 2025-08-19 12:14:48 +02:00
Team.php chore: prepare for PR 2026-02-23 13:02:06 +01:00
TeamInvitation.php Update app/Models/TeamInvitation.php 2025-09-25 11:33:32 +02:00
TelegramNotificationSettings.php feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-14 11:35:22 +01:00
User.php chore: remove unused $server property and add missing import 2026-01-01 15:42:21 +01:00
UserChangelogRead.php feat(changelog): implement automated changelog fetching from GitHub and enhance changelog read tracking 2025-08-12 10:07:11 +02:00
WebhookNotificationSettings.php fix: update webhook notification settings migration to use updateOrInsert and add logging 2025-11-25 15:35:01 +01:00