b81baff4b1
Two improvements to Git deployment handling: 1. **ApplicationDeploymentJob.php**: - Fixed log message to show actual resolved commit SHA (`$this->commit`) - Previously showed `$this->application->git_commit_sha` which could be "HEAD" - Now displays the actual 40-character commit SHA that will be deployed 2. **Application.php (generateGitLsRemoteCommands)**: - Added `escapeshellarg()` for repository URL in 'other' deployment type - Prevents shell injection in git ls-remote commands - Complements existing shell escaping in `generateGitImportCommands` - Ensures consistent security across all Git operations **Security Impact:** - All Git commands now use properly escaped repository URLs - Prevents command injection through malicious repository URLs - Consistent escaping in both ls-remote and clone operations **User Experience:** - Deployment logs now show exact commit SHA being deployed - More accurate debugging information for deployment issues Co-Authored-By: Claude <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| Actions | ||
| Console | ||
| Contracts | ||
| Data | ||
| Enums | ||
| Events | ||
| Exceptions | ||
| Helpers | ||
| Http | ||
| Jobs | ||
| Listeners | ||
| Livewire | ||
| Models | ||
| Notifications | ||
| Policies | ||
| Providers | ||
| Repositories | ||
| Rules | ||
| Services | ||
| Support | ||
| Traits | ||
| View/Components | ||