rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app
History
Andras Bacsai f0e955bf45 refactor(database): escape postgres_user in SSL chown command 
Apply escapeshellarg() to the Postgres username before interpolating it
into the chown command used to fix SSL certificate ownership, matching
the handling already in place for StartMysql. This keeps the sink-side
escaping consistent across database actions, independent of upstream
input validation.

Also adjusts an assertion in DatabaseSslCredentialEscapingTest to match
the actual double-escaped output of executeInDocker, and adds Postgres
regression cases for subshell and semicolon payloads.
2026-04-20 21:41:48 +02:00
..
Actions refactor(database): escape postgres_user in SSL chown command 2026-04-20 21:41:48 +02:00
Console feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Contracts
Data refactor: simplify remote process chain and harden ActivityMonitor 2026-03-26 13:26:16 +01:00
Enums
Events Make proxy restart run as background job to prevent localhost lockout 2025-12-03 10:30:12 +01:00
Exceptions feat(api): Improve OpenAPI spec and add rate limit handling for Hetzner 2025-12-11 12:12:43 +01:00
Helpers fix(ssh): handle chmod failures gracefully and simplify key management 2026-03-16 21:27:10 +01:00
Http fix(database): enforce credential format validation and sanitize init/SSL arguments 2026-04-20 13:58:36 +02:00
Jobs feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Listeners fix(proxy): defer UI refresh until Traefik version check completes 2025-12-27 15:16:58 +01:00
Livewire fix(database): tighten Postgres init script filename handling 2026-04-20 21:26:34 +02:00
Models refactor(auth): upgrade email verification hash to sha256 2026-04-20 12:09:48 +02:00
Notifications feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Policies chore: prepare for PR 2026-02-25 11:18:46 +01:00
Providers refactor(api): validate and throttle feedback endpoint 2026-04-19 14:41:47 +02:00
Repositories
Rules refactor(storage): tighten S3 endpoint URL validation 2026-04-20 11:50:19 +02:00
Services refactor: remove verbose logging and use explicit exception types 2026-03-20 15:57:26 +01:00
Support fix(database): skip credential pattern validation for unchanged values 2026-04-20 13:58:44 +02:00
Traits feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
View/Components feat(forms): make textarea monospace opt-in and improve multiline toggle 2026-03-31 15:37:42 +02:00