This repository has been archived on 2026-03-09. You can view files and clone it. You cannot open issues or pull requests or push a commit.
homelab-deploy/internal/messages
Torjus Håkestad c52e88ca7e fix: add validation for config and reply subjects
Address medium severity security issues:

- Validate repo names in config only allow alphanumeric, dash, underscore
  (prevents NATS subject injection via dots or wildcards)
- Validate repo URLs must start with git+https://, git+ssh://, or git+file://
- Validate ReplyTo field must start with "build.responses." to prevent
  publishing responses to arbitrary NATS subjects

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-10 22:09:51 +01:00