fix(bootstrap): normalize auth header sources and harden Basic credential extraction · nextcloud/server@91dbf74

Triggered via pull request May 31, 2026 06:29

joshtrichards

opened #60885

jtr/cleanup-Auth-header-handling

Status Success

Total duration 8m 28s

Artifacts –

static-code-analysis.yml

on: pull_request

static-code-analysis-security

7m 46s

static-code-analysis-ocp

56s

static-code-analysis-ncu

37s

static-code-analysis-strict

1m 42s

static-code-analysis-summary

5s

Annotations

7 errors

TaintedCallable: lib/private/ServerContainer.php#L89

lib/private/ServerContainer.php:89:17: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

TaintedHtml: lib/private/Mail/Mailer.php#L234

lib/private/Mail/Mailer.php:234:72: TaintedHtml: Detected tainted HTML (see https://psalm.dev/245)

TaintedHtml: lib/private/Mail/Mailer.php#L214

lib/private/Mail/Mailer.php:214:83: TaintedHtml: Detected tainted HTML (see https://psalm.dev/245)

TaintedCallable: lib/private/AppFramework/Utility/SimpleContainer.php#L129

lib/private/AppFramework/Utility/SimpleContainer.php:129:33: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

TaintedCallable: apps/workflowengine/lib/Manager.php#L686

apps/workflowengine/lib/Manager.php:686:39: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

TaintedCallable: apps/workflowengine/lib/Manager.php#L653

apps/workflowengine/lib/Manager.php:653:38: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

TaintedCallable: apps/workflowengine/lib/Manager.php#L611

apps/workflowengine/lib/Manager.php:611:38: TaintedCallable: Detected tainted text (see https://psalm.dev/243)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

fix(bootstrap): normalize auth header sources and harden Basic credential extraction #80312

Summary

fix(bootstrap): normalize auth header sources and harden Basic credential extraction #80312

Uh oh!

static-code-analysis.yml

Annotations