root/smart-home-server

Fork: 0

root / smart-home-server

History for smart-home-server / server / tests / MetaManagerTest.php

2026-06-03	8ac5109 Browse files » Fix 10 critical/high issues from Phase 6-7 audit ... - Entity::select_from_db() throws on missing record (fatal error fix) - Scripts::select_scripts_by_aliases_types() early return on empty array (SQL syntax fix) - ThinBuilder WHERE operator whitelist (SQL injection prevention) - validate_identifier() rejects numeric start (SQL correctness) - Remove escape_string_in_arr() dead code (security hygiene) - MetaManager::create_or_update() wrapped in transaction (race condition) - Scripts::remove_scope() deletes DB before file (consistency) - IN clause guards against non-array values (PHP 8 TypeError fix) - Short where syntax supports IN operator (correctness) - DeviceAuth::kill() clears Device auth cache (stale data fix) Eugene Sukhodolskiy committed 3 hours ago

2026-06-03

8ac5109
Browse files »

Fix 10 critical/high issues from Phase 6-7 audit ...

- Entity::select_from_db() throws on missing record (fatal error fix)
- Scripts::select_scripts_by_aliases_types() early return on empty array (SQL syntax fix)
- ThinBuilder WHERE operator whitelist (SQL injection prevention)
- validate_identifier() rejects numeric start (SQL correctness)
- Remove escape_string_in_arr() dead code (security hygiene)
- MetaManager::create_or_update() wrapped in transaction (race condition)
- Scripts::remove_scope() deletes DB before file (consistency)
- IN clause guards against non-array values (PHP 8 TypeError fix)
- Short where syntax supports IN operator (correctness)
- DeviceAuth::kill() clears Device auth cache (stale data fix)

Eugene Sukhodolskiy committed 3 hours ago