Commit 9af3e13
fix: harden --ghactions-runner-image-repo input
- Quote the URL in snippet git clone commands to prevent shell injection
- Add --depth=1 to limit clone exposure and speed up provisioning
- Validate that only HTTPS URLs are accepted for the runner image repo
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>1 parent c9a4b05 commit 9af3e13
3 files changed
Lines changed: 20 additions & 3 deletions
File tree
- cmd/mapt/cmd/params
- pkg/integrations/github
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
4 | 7 | | |
5 | 8 | | |
6 | 9 | | |
| |||
288 | 291 | | |
289 | 292 | | |
290 | 293 | | |
| 294 | + | |
| 295 | + | |
| 296 | + | |
| 297 | + | |
| 298 | + | |
| 299 | + | |
| 300 | + | |
291 | 301 | | |
292 | 302 | | |
293 | 303 | | |
294 | 304 | | |
295 | 305 | | |
296 | 306 | | |
297 | | - | |
| 307 | + | |
298 | 308 | | |
299 | 309 | | |
300 | 310 | | |
301 | 311 | | |
302 | 312 | | |
| 313 | + | |
| 314 | + | |
| 315 | + | |
| 316 | + | |
| 317 | + | |
| 318 | + | |
| 319 | + | |
303 | 320 | | |
304 | 321 | | |
305 | 322 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
| 4 | + | |
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
| 4 | + | |
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| |||
0 commit comments