(ref: string)
| 2 | |
| 3 | // @note: reject refs starting with '-' to prevent git flag injection. |
| 4 | export const isGitRefValid = (ref: string): boolean => { |
| 5 | return !ref.startsWith('-'); |
| 6 | } |
| 7 | |
| 8 | // @note: we don't allow directory traversal |
| 9 | // or null bytes in the path. |
no outgoing calls
no test coverage detected