upaas/internal
clawbot 7c0278439d fix: prevent command injection in git clone arguments (closes #18)
- Validate branch names against ^[a-zA-Z0-9._/\-]+$
- Validate commit SHAs against ^[0-9a-f]{40}$
- Pass repo URL, branch, and SHA via environment variables instead of
  interpolating into shell script string
- Add comprehensive tests for validation and injection rejection
2026-02-15 21:33:02 -08:00
..
config Add deployment improvements and UI enhancements 2025-12-30 15:05:26 +07:00
database fix: use hashed webhook secrets for constant-time comparison 2026-02-15 14:06:53 -08:00
docker fix: prevent command injection in git clone arguments (closes #18) 2026-02-15 21:33:02 -08:00
globals Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
handlers fix: add ownership verification on env var, label, volume, and port deletion 2026-02-15 21:02:46 -08:00
healthcheck Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
logger Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00
middleware fix: extract real client IP from proxy headers (X-Real-IP / X-Forwarded-For) 2026-02-15 21:14:12 -08:00
models fix: use hashed webhook secrets for constant-time comparison 2026-02-15 14:06:53 -08:00
server fix: add ownership verification on env var, label, volume, and port deletion 2026-02-15 21:02:46 -08:00
service Merge pull request 'Wait for final log flush before closing deploymentLogWriter (closes #4)' (#9) from clawbot/upaas:fix/issue-4 into main 2026-02-16 06:29:18 +01:00
ssh Initial commit with server startup infrastructure 2025-12-29 15:46:03 +07:00