fix(configure): reject literal "undefined" and "null" gateway auth tokens (#13767)

* fix(configure): reject literal "undefined" and "null" gateway auth tokens * fix(configure): reject literal "undefined" and "null" gateway auth tokens * fix(configure): validate gateway password prompt and harden token coercion (#13767) (thanks @omair445) * test: remove unused vitest imports in baseline lint fixtures (#13767) --------- Co-authored-by: Luna AI <luna@coredirection.ai> Co-authored-by: Peter Steinberger <steipete@gmail.com>
2026-05-09 21:44:32 +00:00 · 2026-02-13 21:04:41 +05:00
parent 4dc93f40d5
commit 59733a02c8
9 changed files with 118 additions and 11 deletions
--- a/src/wizard/onboarding.gateway-config.ts
+++ b/src/wizard/onboarding.gateway-config.ts
@@ -7,7 +7,11 @@ import type {
  WizardFlow,
 } from "./onboarding.types.js";
 import type { WizardPrompter } from "./prompts.js";
-import { normalizeGatewayTokenInput, randomToken } from "../commands/onboard-helpers.js";
+import {
+  normalizeGatewayTokenInput,
+  randomToken,
+  validateGatewayPasswordInput,
+} from "../commands/onboard-helpers.js";
 import { findTailscaleBinary } from "../infra/tailscale.js";

 // These commands are "high risk" (privacy writes/recording) and should be
@@ -208,7 +212,7 @@ export async function configureGatewayForOnboarding(
        ? quickstartGateway.password
        : await prompter.text({
            message: "Gateway password",
-            validate: (value) => (value?.trim() ? undefined : "Required"),
+            validate: validateGatewayPasswordInput,
          });
    nextConfig = {
      ...nextConfig,