Skip to content

Commit e759f0f

Browse files
fix(infra): sanitize network data before writing weaviate state
Validate and coerce API response fields to string before persisting to .weaviate-state.json to prevent untrusted data injection. Fixes code-scanning #12 Generated with oh-my-agent Co-Authored-By: First Fluke <our.first.fluke@gmail.com>
1 parent d279992 commit e759f0f

1 file changed

Lines changed: 6 additions & 1 deletion

File tree

apps/infra/freemium/scripts/weaviate.ts

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,12 @@ function readState(): WeaviateState | null {
5151
}
5252

5353
function writeState(state: WeaviateState): void {
54-
writeFileSync(STATE_FILE, JSON.stringify(state, null, 2), "utf-8");
54+
const sanitized: WeaviateState = {
55+
cluster_id: String(state.cluster_id),
56+
url: String(state.url),
57+
api_key: String(state.api_key),
58+
};
59+
writeFileSync(STATE_FILE, JSON.stringify(sanitized, null, 2), "utf-8");
5560
}
5661

5762
function deleteState(): void {

0 commit comments

Comments
 (0)