php-uptelligence

History

Snider ef8a40829f security: fix shell injection in AssetTrackerService - Add package name validation with strict regex patterns - Convert all Process::run() calls to array syntax - Support Composer and NPM package name formats - Add comprehensive shell injection tests (20 attack patterns) - Update security docs and changelog Fixes P2 shell injection vulnerability from security audit. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-29 12:21:07 +00:00
..
code-review.md	security: fix shell injection in AssetTrackerService	2026-01-29 12:21:07 +00:00

Snider ef8a40829f security: fix shell injection in AssetTrackerService

- Add package name validation with strict regex patterns
- Convert all Process::run() calls to array syntax
- Support Composer and NPM package name formats
- Add comprehensive shell injection tests (20 attack patterns)
- Update security docs and changelog

Fixes P2 shell injection vulnerability from security audit.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-29 12:21:07 +00:00

code-review.md

security: fix shell injection in AssetTrackerService

2026-01-29 12:21:07 +00:00