rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Actions/Server
History
Andras Bacsai fcd574e1eb fix(log-drain): prevent command injection by base64-encoding environment variables 
Replace direct shell interpolation of environment values with base64 encoding
to prevent command injection attacks. Environment configuration is now built as
a single string, base64-encoded, then decoded to file atomically.

Also add regex validation to restrict environment field values to safe
characters (alphanumeric, underscore, hyphen, dot) at the application layer.

Fixes GHSA-3xm2-hqg8-4m2p
2026-03-10 22:22:51 +01:00
..
CheckUpdates.php Add Arch Linux server support and fix package sanitization 2025-12-08 09:02:00 +01:00
CleanupDocker.php chore: prepare for PR 2026-03-10 18:32:19 +01:00
ConfigureCloudflared.php Revert "refactor(file-transfer): replace base64 encoding with direct file transfer method across multiple database actions for improved clarity and efficiency" 2025-09-15 17:55:08 +02:00
DeleteServer.php feat: implement Hetzner deletion failure notification system with email and messaging support 2025-10-10 09:35:58 +02:00
InstallDocker.php chore: prepare for PR 2026-02-25 12:00:24 +01:00
InstallPrerequisites.php Add Arch Linux server support and fix package sanitization 2025-12-08 09:02:00 +01:00
ResourcesCheck.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
RestartContainer.php fix: restart sentinel once a day 2024-10-29 10:28:05 +01:00
RunCommand.php Inline many variables. 2024-10-31 18:20:11 +01:00
StartLogDrain.php fix(log-drain): prevent command injection by base64-encoding environment variables 2026-03-10 22:22:51 +01:00
StartSentinel.php fix(sentinel): add token validation to prevent command injection 2026-03-10 22:19:19 +01:00
StopLogDrain.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
StopSentinel.php pint 2024-10-17 22:08:23 +02:00
UpdateCoolify.php Add human-friendly output to upgrade script 2025-12-12 15:18:57 +01:00
UpdatePackage.php Add package validation guard and make pacman idempotent 2025-12-08 09:17:24 +01:00
ValidatePrerequisites.php feat: enhance prerequisite validation to return detailed results 2025-11-21 13:14:48 +01:00
ValidateServer.php feat: enhance prerequisite validation to return detailed results 2025-11-21 13:14:48 +01:00