wails/v3/internal/setupwizard
Lea Anthony 4fc28b9d61 fix(security): improve command injection protection for CodeQL
- Refactor whitelist validation to use getSafeCommand() which returns
  safe command names from a static lookup table instead of user input
- This allows CodeQL to trace that executed commands come from a
  known-safe whitelist rather than tainted user input
- Add comprehensive tests for the new getSafeCommand function
- Add lgtm[go/path-injection] comments for CodeQL suppression on the
  example file where paths are properly validated

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 11:46:29 +11:00
frontend feat(setup): add global defaults, light/dark mode, and UI improvements 2025-12-07 17:40:53 +11:00
defaults.go feat(setup): add global defaults, light/dark mode, and UI improvements 2025-12-07 17:40:53 +11:00
wizard.go fix(security): improve command injection protection for CodeQL 2026-01-25 11:46:29 +11:00
wizard_darwin.go feat(setup): Preserve existing setup wizard design 2025-12-06 17:02:35 +11:00
wizard_linux.go feat(setup): improve dependency UX with retry button and loading animations 2025-12-07 10:30:44 +11:00
wizard_security_test.go fix(security): improve command injection protection for CodeQL 2026-01-25 11:46:29 +11:00
wizard_windows.go feat(setup): Preserve existing setup wizard design 2025-12-06 17:02:35 +11:00