Skip to content

Harden release security suggestions#235

Merged
debuggerone merged 6 commits into
mainfrom
hotfix/v1.0.10-release-notes-security
Jul 1, 2026
Merged

Harden release security suggestions#235
debuggerone merged 6 commits into
mainfrom
hotfix/v1.0.10-release-notes-security

Conversation

@debuggerone

Copy link
Copy Markdown
Contributor

Summary

  • harden the WebSocket wire test helper against shell execution and request-target injection
  • validate Ubuntu PHP runtime installer inputs and Ondrej PPA key fingerprint
  • constrain local Buildx cache paths before deleting next-cache directories
  • release persistent dynamic-admin-api config strings during shutdown
  • trim unnecessary Zend includes from the central King header

Checks

  • php -l extension/tests/server_websocket_wire_helper.inc
  • bash -n infra/scripts/install-ubuntu-php-runtime.sh infra/scripts/resolve-docker-buildx-cache.sh
  • git diff --check github/main..HEAD
  • local Buildx cache resolver smoke with a temp cache root

@debuggerone debuggerone merged commit 061db6e into main Jul 1, 2026
35 of 47 checks passed
@debuggerone debuggerone deleted the hotfix/v1.0.10-release-notes-security branch July 1, 2026 03:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants