a1c30cb0e7
Add validateGitRef() helper function that uses an allowlist approach to prevent OS command injection through git commit SHAs, branch names, and tags. Only allows alphanumeric characters, dots, hyphens, underscores, and slashes. Changes include: - Add validateGitRef() helper in bootstrap/helpers/shared.php - Apply validation in Rollback component when accepting rollback commit - Add regex validation to git commit SHA fields in Livewire components - Apply regex validation to API rules for git_commit_sha - Use escapeshellarg() in git log and git checkout commands - Add comprehensive unit tests covering injection payloads Addresses GHSA-mw5w-2vvh-mgf4 |
||
|---|---|---|
| .. | ||
| Deployment | ||
| Preview | ||
| Advanced.php | ||
| Configuration.php | ||
| DeploymentNavbar.php | ||
| General.php | ||
| Heading.php | ||
| Previews.php | ||
| PreviewsCompose.php | ||
| Rollback.php | ||
| Source.php | ||
| Swarm.php | ||