rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/bootstrap/helpers
History
Andras Bacsai dac940807a fix(deployment): properly escape shell arguments in nixpacks commands 
Add escapeShellValue() helper function to safely escape shell values by wrapping
them in single quotes and escaping embedded quotes. Use this function throughout
the nixpacks command building to prevent shell injection vulnerabilities when
passing user-provided build commands, start commands, and environment variables.

This fixes unsafe string concatenation that could allow command injection when
user input contains special shell characters like &&, |, ;, etc.
2026-03-23 21:55:46 +01:00
..
api.php Squashed commit from 'qqrq-r9h4-x6wp-authenticated-rce' 2026-03-18 13:53:01 +01:00
applications.php chore: prepare for PR 2026-02-25 11:18:46 +01:00
constants.php fix(template): make databasus connect to predefined network 2025-12-28 21:30:01 +08:00
databases.php fix: handle redis_password in API database creation 2025-10-24 18:04:30 +02:00
docker.php fix(deployment): properly escape shell arguments in nixpacks commands 2026-03-23 21:55:46 +01:00
domains.php fix(api): include docker_compose_domains in domain conflict check 2026-01-14 15:22:43 +01:00
github.php feat(github): implement processing for GitHub pull request webhooks and add helper functions for commit and PR file retrieval 2026-01-05 11:13:18 +01:00
notifications.php refactor(configuration): centralize configuration management in ConfigurationRepository 2025-03-24 21:01:27 +01:00
parsers.php feat(preview): add configurable PR suffix toggle for volumes 2026-03-16 14:54:22 +01:00
proxy.php feat(proxy): add database-backed config storage with disk backups 2026-03-11 14:11:31 +01:00
remoteProcess.php feat(gitlab): add GitLab source integration with SSH and HTTP basic auth 2026-03-11 15:30:46 +01:00
services.php chore: prepare for PR 2026-03-10 17:37:13 +01:00
shared.php feat(storage): add storage endpoints and UUID support for databases and services 2026-03-23 15:15:02 +01:00
socialite.php refactor(dashboard): remove deployment loading logic and introduce DeploymentsIndicator component for better UI management 2025-09-30 11:43:30 +02:00
subscriptions.php chore: prepare for PR 2026-02-24 10:17:16 +01:00
sudo.php fix: add additional bash keywords to prevent sudo prefix in command parsing 2025-11-27 10:51:59 +01:00
timezone.php refactor: improve data formatting and UI 2025-01-15 18:35:20 +01:00
versions.php refactor(proxy): implement centralized caching for versions.json and improve UX 2025-11-18 14:53:49 +01:00