mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
15b0cf4277
<!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> **Related issue:** Resolves #43311 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters. - [x] Timeouts are implemented and retries are limited to avoid infinite loops ## Testing - [x] Added/updated automated tests - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Made environment-variable expansion conditional by package type: script-only packages no longer expand host env vars during parsing, while YAML packages still have env vars expanded (expansion errors are recorded and parsing continues). * **Tests** * Added a test to confirm script packages do not expand standard shell variables during parsing. * **Chores** * Updated changelog entry describing the script-only package fix. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| testdata | ||
| gitops.go | ||
| gitops_deprecations.go | ||
| gitops_test.go | ||
| gitops_validate.go | ||
| gitops_validate_test.go | ||
| spec.go | ||
| spec_test.go | ||