rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Jobs
History
Andras Bacsai a1c30cb0e7 fix(git-ref-validation): prevent command injection via git references 
Add validateGitRef() helper function that uses an allowlist approach to prevent
OS command injection through git commit SHAs, branch names, and tags. Only allows
alphanumeric characters, dots, hyphens, underscores, and slashes.

Changes include:
- Add validateGitRef() helper in bootstrap/helpers/shared.php
- Apply validation in Rollback component when accepting rollback commit
- Add regex validation to git commit SHA fields in Livewire components
- Apply regex validation to API rules for git_commit_sha
- Use escapeshellarg() in git log and git checkout commands
- Add comprehensive unit tests covering injection payloads

Addresses GHSA-mw5w-2vvh-mgf4
2026-03-10 22:22:48 +01:00
..
ApplicationDeploymentJob.php fix(git-ref-validation): prevent command injection via git references 2026-03-10 22:22:48 +01:00
ApplicationPullRequestUpdateJob.php fix(preview): docker compose preview URLs (#7959) 2026-01-15 14:03:10 +01:00
CheckAndStartSentinelJob.php fix: add timeout to sentinel process checks for improved reliability 2025-01-10 13:03:47 +01:00
CheckForUpdatesJob.php Fix: Version downgrade prevention - validate cache and add running version checks 2025-11-28 16:05:41 +01:00
CheckHelperImageJob.php Fix: Prevent version downgrades and centralize CDN configuration (#7383) 2025-11-28 15:20:33 +01:00
CheckTraefikVersionForServerJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
CheckTraefikVersionJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
CleanupHelperContainersJob.php fix(deployment): prevent base deployments from being killed when PRs close (#7113) 2025-11-09 14:41:35 +01:00
CleanupInstanceStuffsJob.php feat(email): implement email change request and verification process 2025-08-18 14:54:08 +02:00
CleanupOrphanedPreviewContainersJob.php fix: Escape container name in orphaned PR cleanup job 2025-12-08 20:09:00 +01:00
CleanupStaleMultiplexedConnections.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
ConnectProxyToNetworksJob.php Optimize PushServerUpdateJob performance with batch updates and async jobs 2025-12-15 14:06:32 +01:00
CoolifyTask.php feat: streamline S3 restore with single-step flow and improved UI consistency 2025-11-17 10:05:18 +01:00
DatabaseBackupJob.php feat(scheduler): add pagination to skipped jobs and filter manager start events 2026-02-28 16:23:58 +01:00
DeleteResourceJob.php Merge branch 'next' into shadow/fix-docker-time-command 2025-11-28 10:25:42 +01:00
DockerCleanupJob.php feat(scheduler): add pagination to skipped jobs and filter manager start events 2026-02-28 16:23:58 +01:00
GithubAppPermissionJob.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
ProcessGithubPullRequestWebhook.php fix(git): trigger deployments when watch_paths is empty 2026-01-07 19:15:16 +01:00
PullChangelog.php refactor(jobs): pull github changelogs from cdn instead of github 2025-09-01 16:13:55 +02:00
PullTemplatesFromCDN.php refactor(templates): update service template file handling to use dynamic file name from constants 2025-08-12 10:06:19 +02:00
PushServerUpdateJob.php feat(jobs): optimize async job dispatches and enhance Stripe subscription sync 2026-02-28 13:18:44 +01:00
RegenerateSslCertJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
RestartProxyJob.php Fix container name conflict during proxy restart 2025-12-03 16:30:27 +01:00
ScheduledJobManager.php refactor(jobs): split task skip checks into critical and runtime phases 2026-02-28 18:37:51 +01:00
ScheduledTaskJob.php feat(scheduler): add pagination to skipped jobs and filter manager start events 2026-02-28 16:23:58 +01:00
SendMessageToDiscordJob.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
SendMessageToPushoverJob.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
SendMessageToSlackJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
SendMessageToTelegramJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
SendWebhookJob.php feat: implement actual webhook delivery with Ray debugging 2025-10-10 18:07:04 +02:00
ServerCheckJob.php chore: prepare for PR 2026-02-15 13:42:58 +01:00
ServerCleanupMux.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
ServerConnectionCheckJob.php fix(jobs): handle queue timeouts gracefully in Horizon (#8360) 2026-02-15 13:43:23 +01:00
ServerFilesFromServerJob.php fix: make sure important jobs/actions are running on high prio queue 2024-11-22 11:16:01 +01:00
ServerLimitCheckJob.php fix(server): handle limit edge case and IPv6 allowlist dedupe 2026-03-03 17:03:46 +01:00
ServerManagerJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
ServerPatchCheckJob.php fix(jobs): update middleware to use expireAfter for WithoutOverlapping in multiple job classes 2025-07-01 10:50:27 +02:00
ServerStorageCheckJob.php chore: prepare for PR 2026-02-15 13:42:58 +01:00
ServerStorageSaveJob.php fix: make sure important jobs/actions are running on high prio queue 2024-11-22 11:16:01 +01:00
StripeProcessJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
SubscriptionInvoiceFailedJob.php refactor(stripe-jobs): comment out internal notification calls and add subscription status verification before sending failure notifications 2025-09-13 19:35:32 +02:00
SyncStripeSubscriptionsJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
UpdateCoolifyJob.php Revert "rector: arrrrr" 2025-01-07 15:31:43 +01:00
UpdateStripeCustomerEmailJob.php feat(email): implement email change request and verification process 2025-08-18 14:54:08 +02:00
ValidateAndInstallServerJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
VerifyStripeSubscriptionStatusJob.php feat(jobs): implement encrypted queue jobs 2026-03-10 14:05:05 +01:00
VolumeCloneJob.php feat: remote server volume cloning 2025-01-13 11:13:15 +01:00