rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Livewire
History
Andras Bacsai fcd574e1eb fix(log-drain): prevent command injection by base64-encoding environment variables 
Replace direct shell interpolation of environment values with base64 encoding
to prevent command injection attacks. Environment configuration is now built as
a single string, base64-encoded, then decoded to file atomically.

Also add regex validation to restrict environment field values to safe
characters (alphanumeric, underscore, hyphen, dot) at the application layer.

Fixes GHSA-3xm2-hqg8-4m2p
2026-03-10 22:22:51 +01:00
..
Admin
Boarding fix(server): improve IP uniqueness validation with team-specific error messages 2026-02-12 08:10:59 +01:00
Destination refactor(redirect): replace redirect calls with redirectRoute helper for consistency 2025-12-26 13:29:59 +01:00
Notifications feat(proxy): add Traefik version tracking with notifications and dismissible UI warnings 2025-11-18 14:53:49 +01:00
Profile fix(user): ensure email attributes are stored in lowercase for consistency and prevent case-related issues 2025-09-05 17:44:34 +02:00
Project Squashed commit from '565g-9j4m-wqmr-cross-team-idor-logs-fix' 2026-03-10 22:11:52 +01:00
Security refactor: remove duplicated validation messages 2026-01-05 13:15:14 +01:00
Server fix(log-drain): prevent command injection by base64-encoding environment variables 2026-03-10 22:22:51 +01:00
Settings fix(server): handle limit edge case and IPv6 allowlist dedupe 2026-03-03 17:03:46 +01:00
SharedVariables feat: add comment field to shared environment variables 2025-12-27 15:24:09 +01:00
Source/Github refactor(redirect): replace redirect calls with redirectRoute helper for consistency 2025-12-26 13:29:59 +01:00
Storage refactor: remove duplicated validation messages 2026-01-05 13:15:14 +01:00
Subscription fix(subscription): harden quantity updates and proxy trust behavior 2026-03-03 12:28:16 +01:00
Tags
Team refactor: remove duplicated validation messages 2026-01-05 13:15:14 +01:00
Terminal feat: replace terminal dropdown with searchable datalist component 2025-10-12 14:57:45 +02:00
ActivityMonitor.php fix(user): complete User model fixes for non-web contexts 2025-12-28 13:55:55 +01:00
Dashboard.php refactor: replace queries with cached versions for performance improvements 2025-12-08 13:39:33 +01:00
DeploymentsIndicator.php Refactor deployment indicator to use server-side route detection 2025-12-11 09:39:56 +01:00
ForcePasswordReset.php
GlobalSearch.php chore: prepare for PR 2026-02-18 11:20:32 +01:00
Help.php fix(feedback): update feedback email address to improve communication with users 2025-09-11 20:23:07 +02:00
LayoutPopups.php
MonacoEditor.php Merge branch 'next' into andrasbacsai/livewire-model-binding 2025-10-16 11:05:29 +02:00
NavbarDeleteTeam.php refactor(redirect): replace redirect calls with redirectRoute helper for consistency 2025-12-26 13:29:59 +01:00
SettingsBackup.php fix validation on a few views 2025-10-06 21:25:24 +02:00
SettingsDropdown.php feat(ui): display current version in settings dropdown and update UI accordingly 2025-09-01 16:23:14 +02:00
SettingsEmail.php
SettingsOauth.php fix: add null checks and validation to OAuth bulk update method 2025-10-27 17:04:33 +01:00
SwitchTeam.php
Upgrade.php Widen upgrade popup and add dev mode simulation 2025-12-17 10:59:38 +01:00
VerifyEmail.php