rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/tests
History
Andras Bacsai fcd574e1eb fix(log-drain): prevent command injection by base64-encoding environment variables 
Replace direct shell interpolation of environment values with base64 encoding
to prevent command injection attacks. Environment configuration is now built as
a single string, base64-encoded, then decoded to file atomically.

Also add regex validation to restrict environment field values to safe
characters (alphanumeric, underscore, hyphen, dot) at the application layer.

Fixes GHSA-3xm2-hqg8-4m2p
2026-03-10 22:22:51 +01:00
..
Browser test: add dashboard test and improve browser test coverage 2026-02-11 16:37:40 +01:00
Feature fix(sentinel): add token validation to prevent command injection 2026-03-10 22:19:19 +01:00
Traits test: setup database for upcoming tests 2024-12-04 12:43:52 +01:00
Unit fix(log-drain): prevent command injection by base64-encoding environment variables 2026-03-10 22:22:51 +01:00
v4 test: add dashboard test and improve browser test coverage 2026-02-11 16:37:40 +01:00
CreatesApplication.php Fix styling 2024-06-10 20:43:34 +00:00
DuskTestCase.php Refactor DuskTestCase.php to use a hardcoded base URL 2024-10-17 21:26:06 +02:00
Pest.php test: add Pest browser testing with SQLite :memory: schema 2026-02-11 15:25:47 +01:00
TestCase.php init of v4 🌮 2023-03-17 15:33:48 +01:00