A 7a5e7580bd fix(security): validate server_id in cmdConnect and cmdEnterAgent (#1925) ... All other connection fields (ip, user, server_name) are validated against injection before being passed to shell commands, but server_id was skipped in both cmdConnect and cmdEnterAgent despite being used as a daytona ssh argument (line 2922). This inconsistency existed while execDeleteServer, mergeLastConnection, and the headless code path all correctly validated server_id. Adds the missing `if (connection.server_id) { validateServerIdentifier(...) }` guard in both functions, matching the existing server_name pattern. Agent: security-auditor Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>		2026-02-25 12:56:57 -05:00
..
cli	fix(security): validate server_id in cmdConnect and cmdEnterAgent (#1925)	2026-02-25 12:56:57 -05:00
shared	fix: remove unused biome-ignore suppression comments in shared type-guards (#1892)	2026-02-24 17:48:10 -05:00