cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b6c0ec0e9b913cfcd46ab9c39c2b198be9e2ae5f
Linux-Server-Management-Too…/lib
T
History
cschantz b6c0ec0e9b Fix security issues and QA false positives 
Security fixes in lib/mysql-analyzer.sh:
- Added -- separator to grep/sed/awk/wc commands to prevent filename injection
- Fixed 10 ESCAPE issues (lines 130, 153, 180, 208, 210, 320, 324, 405, 507, 513)

QA script improvements in tools/toolkit-qa-check.sh:
- Updated ESCAPE check (CHECK 66) to recognize -- as safe pattern
- Updated HARDCODED-PATH check (CHECK 81) to skip control panel abstraction libraries
- Now correctly excludes domain-discovery.sh, plesk-helpers.sh, user-manager.sh from hardcoded path warnings
- Reduced false positives by ~23 issues

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-09 16:17:23 -05:00
..
attack-patterns.sh
CRITICAL: Fix massive false positives causing Score:100 on legitimate traffic
2026-01-06 18:47:35 -05:00
attack-signatures.sh
Add missing function exports to library files
2026-01-02 16:23:17 -05:00
bot-signatures.sh
Security Intelligence Suite - Complete Overhaul
2025-11-13 23:01:13 -05:00
common-functions.sh
Fix menu standards: Replace plain dashes with Unicode separators
2025-12-17 01:35:48 -05:00
domain-discovery.sh
Fix SOURCE command safety issues (HIGH priority)
2026-01-02 17:26:21 -05:00
email-functions.sh
Fix HIGH priority issues: paths, globs, deps, wordsplit
2026-01-02 17:21:19 -05:00
http-attack-analyzer.sh
Fix HIGH priority issues: library exit, unquoted paths, and globs
2026-01-02 16:39:57 -05:00
ip-reputation.sh
Move IP reputation database to /tmp
2026-01-06 22:02:28 -05:00
mysql-analyzer.sh
Fix security issues and QA false positives
2026-01-09 16:17:23 -05:00
php-analyzer.sh
Performance optimizations Round 2: Pure bash field extraction
2025-12-12 17:08:17 -05:00
php-config-manager.sh
Fix backup function to pass domain parameter
2025-12-12 23:15:12 -05:00
php-detector.sh
Fix 5 critical bugs in PHP optimization scripts
2025-12-11 21:19:26 -05:00
plesk-helpers.sh
Fix SOURCE command safety issues (HIGH priority)
2026-01-02 17:26:21 -05:00
rate-anomaly-detector.sh
Add missing function exports to library files
2026-01-02 16:23:17 -05:00
reference-db.sh
Fix WORDSPLIT issues in for loops (HIGH priority)
2026-01-02 17:34:56 -05:00
system-detect.sh
Fix SOURCE command safety issues (HIGH priority)
2026-01-02 17:26:21 -05:00
threat-intelligence.sh
Move all persistent data to /tmp (no system pollution)
2026-01-06 22:03:18 -05:00
user-manager.sh
Fix WORDSPLIT issues in for loops (HIGH priority)
2026-01-02 17:34:56 -05:00