rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/bootstrap
History
Andras Bacsai c9922c30c2 fix: add input validation for install/build/start command fields 
Add shellSafeCommandRules() validation to install_command, build_command,
and start_command fields in both the Livewire UI and REST API layers.
These fields previously accepted arbitrary strings without validation,
unlike other shell-adjacent fields which already used this pattern.

Also adds comprehensive tests for rejection of dangerous input and
acceptance of legitimate build commands.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-28 12:28:29 +01:00
..
cache init of v4 🌮 2023-03-17 15:33:48 +01:00
helpers fix: add input validation for install/build/start command fields 2026-03-28 12:28:29 +01:00
app.php testing php storm code cleanup and styling 2023-08-08 11:51:36 +02:00
getHelperVersion.php chore(versions): update coolify versions to v4.0.0-beta.389 and add helper version retrieval script 2025-01-22 14:01:05 +01:00
getRealtimeVersion.php refactor(workflows): replace jq with PHP script for version retrieval in workflows 2025-01-22 14:05:29 +01:00
getVersion.php Refactor getVersion.php to prevent GitHub Actions failure 2024-11-26 10:53:34 +01:00
includeHelpers.php Fix styling 2024-06-10 20:43:34 +00:00