vaultik/internal/vaultik
clawbot 4d9f912a5f fix: validate table name against allowlist in getTableCount to prevent SQL injection
The getTableCount method used fmt.Sprintf to interpolate a table name directly
into a SQL query. While currently only called with hardcoded names, this is a
dangerous pattern. Added an allowlist of valid table names and return an error
for unrecognized names.
2026-02-08 12:03:18 -08:00
helpers.go Add custom types, version command, and restore --verify flag 2026-01-14 17:11:52 -08:00
info.go Add deterministic deduplication, rclone backend, and database purge command 2026-01-28 15:50:17 -08:00
integration_test.go Add deterministic deduplication, rclone backend, and database purge command 2026-01-28 15:50:17 -08:00
prune.go Add --quiet flag, --json output, and config permission check 2026-01-16 09:20:29 -08:00
restore.go Add deterministic deduplication, rclone backend, and database purge command 2026-01-28 15:50:17 -08:00
snapshot.go fix: validate table name against allowlist in getTableCount to prevent SQL injection 2026-02-08 12:03:18 -08:00
vaultik.go Add deterministic deduplication, rclone backend, and database purge command 2026-01-28 15:50:17 -08:00
verify.go Add deterministic deduplication, rclone backend, and database purge command 2026-01-28 15:50:17 -08:00