d9efa85924
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Add validateImageTag() method to DockerSandboxService that validates Docker image references against a safe character pattern before any container creation. Rejects empty tags, tags exceeding 256 characters, and tags containing shell metacharacters (;, &, |, $, backtick, etc.) to prevent injection attacks. Also validates the default image tag at service construction time to fail fast on misconfiguration. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>