Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4281 from sajdakabir/fix/4276-sanitize-webhook-error-responses

Browse Source 
fix: stop leaking Drizzle SQL queries in webhook error responses (#4276)
This commit is contained in:
Mauricio Siu
2026-04-24 21:59:50 -06:00
committed by GitHub
parent 940d18ad25 f8c6c8f7cc
commit e72c51444c
3 changed files with 27 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apps/dokploy/pages/api/deploy/[refreshToken].ts
View File

@@ -12,6 +12,15 @@ import type { DeploymentJob } from "@/server/queues/queue-types";
import { myQueue } from "@/server/queues/queueSetup";
import { deploy } from "@/server/utils/deploy";
/**
* Log a webhook handler error server-side without leaking its shape to the HTTP
* response. Drizzle errors carry the raw SQL query, column list and parameters,
* so we never forward the error object to the client.
*/
export const logWebhookError = (context: string, error: unknown) => {
console.error(context, error);
};
/**
* Helper function to get package_version from registry_package events
*/
@@ -262,14 +271,15 @@ export default async function handler(
);
}
} catch (error) {
res.status(400).json({ message: "Error deploying Application", error });
logWebhookError("Error deploying Application:", error);
res.status(400).json({ message: "Error deploying Application" });
return;
}
res.status(200).json({ message: "Application deployed successfully" });
} catch (error) {
console.log(error);
res.status(400).json({ message: "Error deploying Application", error });
logWebhookError("Error deploying Application:", error);
res.status(400).json({ message: "Error deploying Application" });
}
}

8
apps/dokploy/pages/api/deploy/compose/[refreshToken].ts
View File

@@ -12,6 +12,7 @@ import {
extractCommittedPaths,
extractHash,
getProviderByHeader,
logWebhookError,
} from "../[refreshToken]";
export default async function handler(
@@ -195,13 +196,14 @@ export default async function handler(
);
}
} catch (error) {
res.status(400).json({ message: "Error deploying Compose", error });
logWebhookError("Error deploying Compose:", error);
res.status(400).json({ message: "Error deploying Compose" });
return;
}
res.status(200).json({ message: "Compose deployed successfully" });
} catch (error) {
console.log(error);
res.status(400).json({ message: "Error deploying Compose", error });
logWebhookError("Error deploying Compose:", error);
res.status(400).json({ message: "Error deploying Compose" });
}
}

15
apps/dokploy/pages/api/deploy/github.ts
View File

@@ -17,7 +17,11 @@ import { applications, compose, github } from "@/server/db/schema";
import type { DeploymentJob } from "@/server/queues/queue-types";
import { myQueue } from "@/server/queues/queueSetup";
import { deploy } from "@/server/utils/deploy";
import { extractCommitMessage, extractHash } from "./[refreshToken]";
import {
extractCommitMessage,
extractHash,
logWebhookError,
} from "./[refreshToken]";
export default async function handler(
req: NextApiRequest,
@@ -197,10 +201,8 @@ export default async function handler(
});
return;
} catch (error) {
console.error("Error deploying applications on tag:", error);
res
.status(400)
.json({ message: "Error deploying applications on tag", error });
logWebhookError("Error deploying applications on tag:", error);
res.status(400).json({ message: "Error deploying applications on tag" });
return;
}
}
@@ -322,7 +324,8 @@ export default async function handler(
}
res.status(200).json({ message: `Deployed ${totalApps} apps` });
} catch (error) {
res.status(400).json({ message: "Error deploying Application", error });
logWebhookError("Error deploying Application:", error);
res.status(400).json({ message: "Error deploying Application" });
}
} else if (req.headers["x-github-event"] === "pull_request") {
const prId = githubBody?.pull_request?.id;