16 Commits

Author	SHA1	Message	Date
Peter Steinberger	ed960ba4eb	refactor(security): centralize path guard helpers	2026-02-21 19:54:26 +01:00
Peter Steinberger	4b226b74f5	fix(security): block zip symlink escape in archive extraction	2026-02-21 19:42:33 +01:00
Peter Steinberger	2b8f1bade0	refactor(archive): share archive path safety helpers	2026-02-18 16:48:35 +00:00
Peter Steinberger	b8b43175c5	style: align formatting with oxfmt 0.33	2026-02-18 01:34:35 +00:00
Peter Steinberger	31f9be126c	style: run oxfmt and fix gate failures	2026-02-18 01:29:02 +00:00
cpojer	d0cb8c19b2	chore: wtf.	2026-02-17 13:36:48 +09:00
Sebastian	ed11e93cf2	chore(format)	2026-02-16 23:20:16 -05:00
cpojer	90ef2d6bdf	chore: Update formatting.	2026-02-17 09:18:40 +09:00
Peter Steinberger	2363e1b085	fix(security): restrict skill download target paths	2026-02-16 03:47:28 +01:00
Peter Steinberger	4c7838e3cf	refactor(archive): centralize limits and budgets	2026-02-14 15:43:44 +01:00
Peter Steinberger	d3ee5deb87	fix(archive): enforce extraction resource limits	2026-02-14 15:36:41 +01:00
Peter Steinberger	3aa94afcfd	fix(security): harden archive extraction (#16203) ... * fix(browser): confine upload paths for file chooser * fix(browser): sanitize suggested download filenames * chore(lint): avoid control regex in download sanitizer * test(browser): cover absolute escape paths * docs(browser): update upload example path * refactor(browser): centralize upload path confinement * fix(infra): harden tmp dir selection * fix(security): harden archive extraction * fix(infra): harden tar extraction filter	2026-02-14 14:42:08 +01:00
cpojer	f06dd8df06	chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.	2026-02-01 10:03:47 +09:00
cpojer	5ceff756e1	chore: Enable "curly" rule to avoid single-statement if confusion/errors.	2026-01-31 16:19:20 +09:00
Peter Steinberger	7cebe7a506	style: run oxfmt	2026-01-17 08:00:05 +00:00
Peter Steinberger	3a6ee5ee00	feat: unify hooks installs and webhooks	2026-01-17 07:08:04 +00:00