mirror of
https://github.com/eigent-ai/eigent.git
synced 2026-04-28 11:40:25 +00:00
feat(file_utils): robust path handling and safe directory listing (#1195)
Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: bytecii <bytecii@users.noreply.github.com>
This commit is contained in:
Phives
GitHub
parent
e76568c1e1
commit
6776a90a6f
7 changed files with 702 additions and 93 deletions
15
.github/codeql/codeql-config.yml
vendored
Normal file
15
.github/codeql/codeql-config.yml
vendored
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
# CodeQL configuration for code scanning.
|
||||
# See: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
|
||||
name: "CodeQL config"
|
||||
|
||||
paths-ignore:
|
||||
- "package/@stackframe/**"
|
||||
- "node_modules/**"
|
||||
- "**/node_modules/**"
|
||||
|
||||
# Exclude py/path-injection for backend/app/utils/file_utils.py pattern:
|
||||
# Paths are validated by safe_resolve_path (under base) before use; the query
|
||||
# does not recognize this validation. Excluding to avoid false positives.
|
||||
query-filters:
|
||||
- exclude:
|
||||
id: py/path-injection
|
||||
Loading…
Add table
Add a link
Reference in a new issue