coolify/app
Andras Bacsai a05d4e3a4b fix(database): tighten Postgres init script filename handling
Validate new init-script filenames against path traversal and shell
metacharacters via a new validateFilenameSafe() helper, and harden the
write/delete paths with basename() + escapeshellarg() so legacy rows
still deploy and can be cleaned up without regressions.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 21:26:34 +02:00
Actions fix(database): tighten Postgres init script filename handling 2026-04-20 21:26:34 +02:00
Console feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Contracts
Data refactor: simplify remote process chain and harden ActivityMonitor 2026-03-26 13:26:16 +01:00
Enums
Events
Exceptions feat(api): Improve OpenAPI spec and add rate limit handling for Hetzner 2025-12-11 12:12:43 +01:00
Helpers fix(ssh): handle chmod failures gracefully and simplify key management 2026-03-16 21:27:10 +01:00
Http fix(database): enforce credential format validation and sanitize init/SSL arguments 2026-04-20 13:58:36 +02:00
Jobs feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Listeners fix(proxy): defer UI refresh until Traefik version check completes 2025-12-27 15:16:58 +01:00
Livewire fix(database): tighten Postgres init script filename handling 2026-04-20 21:26:34 +02:00
Models refactor(auth): upgrade email verification hash to sha256 2026-04-20 12:09:48 +02:00
Notifications feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
Policies chore: prepare for PR 2026-02-25 11:18:46 +01:00
Providers refactor(api): validate and throttle feedback endpoint 2026-04-19 14:41:47 +02:00
Repositories
Rules refactor(storage): tighten S3 endpoint URL validation 2026-04-20 11:50:19 +02:00
Services refactor: remove verbose logging and use explicit exception types 2026-03-20 15:57:26 +01:00
Support fix(database): skip credential pattern validation for unchanged values 2026-04-20 13:58:44 +02:00
Traits feat(security): support expiration on API tokens with warning notifications 2026-04-20 14:28:38 +02:00
View/Components feat(forms): make textarea monospace opt-in and improve multiline toggle 2026-03-31 15:37:42 +02:00