coolify/app
Andras Bacsai b3256d4df1 fix(security): harden model assignment and sensitive data handling
Restrict mass-assignable attributes across user/team/redis models and
switch privileged root/team creation paths to forceFill/forceCreate.

Encrypt legacy ClickHouse admin passwords via migration and cast the
correct ClickHouse password field as encrypted.

Tighten API and runtime exposure by removing sensitive team fields from
responses and sanitizing Git/compose error messages.

Expand security-focused feature coverage for command-injection and mass
assignment protections.
2026-03-29 20:56:04 +02:00
Actions fix(security): harden model assignment and sensitive data handling 2026-03-29 20:56:04 +02:00
Console style(dev): standardize log message format with INFO/ERROR prefixes 2026-03-28 12:07:34 +01:00
Contracts refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Data refactor: simplify remote process chain and harden ActivityMonitor 2026-03-26 13:26:16 +01:00
Enums Add new role enum and apply authorization 2024-10-28 17:08:24 +01:00
Events Make proxy restart run as background job to prevent localhost lockout 2025-12-03 10:30:12 +01:00
Exceptions feat(api): Improve OpenAPI spec and add rate limit handling for Hetzner 2025-12-11 12:12:43 +01:00
Helpers fix(ssh): handle chmod failures gracefully and simplify key management 2026-03-16 21:27:10 +01:00
Http fix(security): harden model assignment and sensitive data handling 2026-03-29 20:56:04 +02:00
Jobs fix: sanitize error output in server validation logs 2026-03-26 18:36:36 +01:00
Listeners fix(proxy): defer UI refresh until Traefik version check completes 2025-12-27 15:16:58 +01:00
Livewire Merge remote-tracking branch 'origin/next' into fix/harden-getlogs-livewire-properties 2026-03-28 14:10:15 +01:00
Models fix(security): harden model assignment and sensitive data handling 2026-03-29 20:56:04 +02:00
Notifications fix: harden TrustHosts middleware and use base_url() for password reset links 2026-03-26 18:39:54 +01:00
Policies chore: prepare for PR 2026-02-25 11:18:46 +01:00
Providers Remove webhook maintenance mode replay feature 2025-12-02 13:36:32 +01:00
Repositories refactor: streamline job status retrieval and clean up repository interface 2025-01-10 19:53:13 +01:00
Rules fix: add URL validation for GitHub source api_url and html_url fields 2026-03-26 13:45:33 +01:00
Services refactor: remove verbose logging and use explicit exception types 2026-03-20 15:57:26 +01:00
Support fix(storage): use escapeshellarg for volume names in shell commands 2026-03-26 11:06:30 +01:00
Traits feat(deployment): add command_hidden flag to hide command text in logs 2026-03-25 16:48:49 +01:00
View/Components feat: add availableSharedVariables method and enhance env-var-input component for better password handling 2025-11-27 10:23:46 +01:00