- Add package name validation with strict regex patterns - Convert all Process::run() calls to array syntax - Support Composer and NPM package name formats - Add comprehensive shell injection tests (20 attack patterns) - Update security docs and changelog Fixes P2 shell injection vulnerability from security audit. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| AIAnalyzerService.php | ||
| AssetTrackerService.php | ||
| DiffAnalyzerService.php | ||
| IssueGeneratorService.php | ||
| UpstreamPlanGeneratorService.php | ||
| UptelligenceDigestService.php | ||
| VendorStorageService.php | ||
| VendorUpdateCheckerService.php | ||
| WebhookReceiverService.php | ||