codex/codex-cli at ab4cb9422753c2505bcd073d9de00f5d0972f873 - codex - Gitea: Git with a cup of tea

clone/codex

mirror of https://github.com/openai/codex.git synced 2026-04-24 14:45:27 +00:00

Files

History

Avi Rosenberg ab4cb94227 fix: Normalize paths in resolvePathAgainstWorkdir to prevent path traversal vulnerability (#895 )

This PR fixes a potential path traversal vulnerability by ensuring all
paths are properly normalized in the `resolvePathAgainstWorkdir`
function.

## Changes
- Added path normalization for both absolute and relative paths
- Ensures normalized paths are used in all subsequent operations
- Prevents potential path traversal attacks through non-normalized paths

This minimal change addresses the security concern without adding
unnecessary complexity, while maintaining compatibility with existing
code.

2025-05-12 13:44:00 -07:00

..

chore: introduce new --native flag to Node module release process (#844 )

2025-05-12 13:38:10 -07:00

fix: typos in prompts and comments (#195 )

2025-04-17 07:12:39 -07:00

chore: introduce new --native flag to Node module release process (#844 )

2025-05-12 13:38:10 -07:00

fix: Normalize paths in resolvePathAgainstWorkdir to prevent path traversal vulnerability (#895 )

2025-05-12 13:44:00 -07:00

fix: increase output limits for truncating collector (#575 )

2025-05-05 10:26:55 -07:00

.dockerignore

(fix) update Docker container scripts (#47 )

2025-04-16 12:02:41 -07:00

.editorconfig

Initial commit

2025-04-16 12:56:08 -04:00

.eslintrc.cjs

chore: introduce new --native flag to Node module release process (#844 )

2025-05-12 13:38:10 -07:00

.gitignore

chore: make build process a single script to run (#757 )

2025-05-01 08:36:07 -07:00

build.mjs

chore(build): cleanup dist before build (#477 )

2025-04-21 12:35:25 -04:00

Dockerfile

fix: only allow running without sandbox if explicitly marked in safe container (#699 )

2025-04-28 07:48:38 -07:00

HUSKY.md

Feat/add husky (#223 )

2025-04-17 07:18:43 -07:00

ignore-react-devtools-plugin.js

Initial commit

2025-04-16 12:56:08 -04:00

package.json

chore: introduce new --native flag to Node module release process (#844 )

2025-05-12 13:38:10 -07:00

require-shim.js

Initial commit

2025-04-16 12:56:08 -04:00

tsconfig.json

fix: /bug report command, thinking indicator (#381 )

2025-04-18 18:13:34 -07:00

vite.config.ts

fix: add empty vite config file to prevent resolving to parent (#273 )

2025-04-17 17:03:15 -07:00