Kenneth Lien 1636fedbd4 Sanitize user-controlled filenames and download path components ...

- safeName() strips <>[]\r\n; from file_name/title before they hit the
  <channel> notification — delimiter chars would let an uploader break
  out of the tag or forge meta entries
- download_attachment strips ext/uniqueId to alphanumeric before join()
  — defense-in-depth against path traversal (file_unique_id is
  Telegram-controlled so this is belt-and-braces)

2026-03-20 11:56:57 -07:00

..

asana

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

context7

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

discord

Merge pull request #811 from anthropics/kenneth/chmod-env-files

2026-03-20 10:48:05 -07:00

fakechat

Revert "Remove telegram, discord, and fakechat plugins (#741)" (#753)

2026-03-19 13:59:14 -07:00

firebase

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

github

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

gitlab

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

greptile

Add README and setup documentation for Greptile plugin (#122)

2026-01-05 21:15:35 -08:00

laravel-boost

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

linear

change to use notion external (#25)

2025-12-16 15:13:40 -08:00

playwright

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

serena

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

slack

feat: update Slack plugin to HTTP transport with OAuth config

2026-02-17 15:07:52 -05:00

stripe

added new partners (#36)

2025-12-18 08:58:02 -08:00

supabase

Merge pull request #2 from anthropics/noahz/official_language

2025-12-01 16:03:02 -08:00

telegram

Sanitize user-controlled filenames and download path components

2026-03-20 11:56:57 -07:00