EasyAI代码托管平台

mirror of https://github.com/Comfy-Org/ComfyUI-Manager.git synced 2026-03-08 18:47:39 +08:00

History

Dr.Lt.Data b11aee7c1e fix(deps): harden input sanitization, expand test coverage, bump version Security: - Add _INLINE_DANGEROUS_OPTIONS regex to catch pip options after package names (--find-links, --constraint, --requirement, --editable, --trusted-host, --global-option, --install-option and short forms) - Stage index URLs in pending_urls, commit only after full line validation to prevent URL injection from rejected lines Tests: - Add 50 new tests: inline sanitization, false-positive guards, parse helpers (_parse_conflicts, _parse_install_output), exception paths (91 → 141 total, all pass) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 05:35:23 +09:00
..
e2e/scripts	test(deps): add E2E scripts and update test documentation	2026-02-28 08:59:08 +09:00
test_unified_dep_resolver.py	fix(deps): harden input sanitization, expand test coverage, bump version	2026-03-07 05:35:23 +09:00

Dr.Lt.Data b11aee7c1e fix(deps): harden input sanitization, expand test coverage, bump version

Security:
- Add _INLINE_DANGEROUS_OPTIONS regex to catch pip options after package
  names (--find-links, --constraint, --requirement, --editable, --trusted-host,
  --global-option, --install-option and short forms)
- Stage index URLs in pending_urls, commit only after full line validation
  to prevent URL injection from rejected lines

Tests:
- Add 50 new tests: inline sanitization, false-positive guards, parse
  helpers (_parse_conflicts, _parse_install_output), exception paths
  (91 → 141 total, all pass)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-07 05:35:23 +09:00

e2e/scripts

test(deps): add E2E scripts and update test documentation

2026-02-28 08:59:08 +09:00

test_unified_dep_resolver.py

fix(deps): harden input sanitization, expand test coverage, bump version

2026-03-07 05:35:23 +09:00