1c03d213acfe01233dc17fac52734e9b8b48b708
All checks were successful
CD Pipeline / deploy (push) Successful in 1m22s
CVE-class issues fixed:

1. [HIGH] Shell Injection in gitlab_api_via_ssh (CWE-78)
   endpoint and json_data were interpolated into f-string cmd and passed as a single SSH remote command string → shell parses it → injection.
   Fix: build remote_argv as list; each curl argument is a separate item, SSH receives them as independent argv (no shell parsing of user data).

2. [HIGH] Hardcoded credentials in source code (CWE-798)
   GITLAB_TOKEN, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID all had live secrets as default fallback values.
   Tokens are now '' (empty) with a startup warning if env vars are missing.

3. [MEDIUM] Missing pre-validation allowlist on fix_action (CWE-20)
   ALLOWED_FIX_ACTIONS frozenset added before route handler; any unknown action is rejected with 400 before reaching execution logic.

Note: fix_registry/fix_pods/execute_*_rollback use static SSH commands (no user input in cmd strings) so they are not injection risks.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
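The three fixes the commit message describes, written out as an added example that is not the project's own code (the repository's gitlab_api_via_ssh, ALLOWED_FIX_ACTIONS and env-var names are not visible on this page, so every function, host name, action name and token value below is an assumption or a labelled placeholder). One caveat a reviewer would add to fix 1: ssh itself joins its remote arguments with spaces and the remote login shell re-parses that string, so passing a Python list to subprocess is not enough on its own; each remote argument must also be shell-quoted (shlex.join does this) before it crosses the connection.

```python
import logging
import os
import re
import shlex
from typing import List

log = logging.getLogger(__name__)

# Fix 2 (CWE-798): secrets come from the environment, default to '' and warn,
# instead of shipping live tokens as fallback values in source.
def load_secret(name: str) -> str:
    value = os.environ.get(name, "")
    if not value:
        log.warning("environment variable %s is not set; related features are disabled", name)
    return value

# Fix 3 (CWE-20): allowlist checked before the route body runs. Action names here
# are assumed; the project's real set is not on the page.
ALLOWED_FIX_ACTIONS = frozenset({"fix_registry", "fix_pods", "rollback"})

def validate_fix_action(action: str) -> bool:
    """True only for an exact allowlisted name; the route returns 400 otherwise."""
    return action in ALLOWED_FIX_ACTIONS

# Fix 1 (CWE-78): the pattern being removed, kept only for contrast. User data is
# interpolated into ONE string that the remote shell parses.
def build_ssh_command_unsafe(host: str, endpoint: str, json_data: str) -> List[str]:
    cmd = f"curl -s -X POST -d '{json_data}' https://gitlab.example.internal/api/v4/{endpoint}"
    return ["ssh", host, cmd]

# Endpoint paths are restricted to URL path characters so a request can never
# carry whitespace or shell metacharacters into the remote argv at all.
_ENDPOINT_RE = re.compile(r"[A-Za-z0-9_./%?=&-]+")

def is_safe_endpoint(endpoint: str) -> bool:
    return bool(_ENDPOINT_RE.fullmatch(endpoint)) and ".." not in endpoint

def build_remote_argv(endpoint: str, json_data: str, token: str,
                      base_url: str = "https://gitlab.example.internal/api/v4") -> List[str]:
    """Each curl argument is its own list item; nothing is ever f-stringed into a shell line."""
    if not is_safe_endpoint(endpoint):
        raise ValueError(f"rejected endpoint: {endpoint!r}")
    return [
        "curl", "--silent", "--fail",
        "-X", "POST",
        "-H", f"PRIVATE-TOKEN: {token}",          # GitLab's API auth header
        "-H", "Content-Type: application/json",
        "--data", json_data,                       # body stays a single argument
        f"{base_url}/{endpoint}",
    ]

def build_ssh_command(host: str, remote_argv: List[str]) -> List[str]:
    """ssh sends its trailing arguments as one string for the remote shell, so the
    argv is quoted with shlex.join; the remote shell splits it back into exactly
    these items and cannot treat any of them as an operator."""
    return ["ssh", "-o", "BatchMode=yes", "--", host, shlex.join(remote_argv)]

def remote_string_round_trips(ssh_cmd: List[str], remote_argv: List[str]) -> bool:
    """Check that a POSIX shell would recover the intended argv from the ssh line."""
    return shlex.split(ssh_cmd[-1]) == remote_argv

if __name__ == "__main__":
    # Constructed sample input: a JSON body with spaces and quotes, which is what
    # breaks the f-string version but survives the argv version unchanged.
    token = load_secret("GITLAB_TOKEN") or "glpat-PLACEHOLDER"
    argv = build_remote_argv("projects/1/issues", '{"title": "Deploy failed on 188"}', token)
    cmd = build_ssh_command("ops-host-188", argv)   # host name is assumed
    print(cmd[-1])
    print("round trip ok:", remote_string_round_trips(cmd, argv))
    print("fix_pods allowed:", validate_fix_action("fix_pods"))
```

The unsafe builder is kept only so the two shapes can be compared side by side; with the JSON body above it produces a remote line where the quotes inside the body end the single-quoted `-d` argument, which is exactly the parsing the argv version avoids.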
Description
EwoooC — product dashboard + sales performance reports + AI KM (Flask + pgvector, Docker Compose on 188)
Languages
PostScript 59.7%
Python 30.9%
HTML 4.2%
CSS 2.1%
JavaScript 1.9%
Other 1.1%