tjcsl / director4

Director 4: Website Hosting for the Masses
https://director.tjhsst.edu
MIT License
9 stars 12 forks source link

PACKAGE_NAME_REGEX is too strict #35

Closed sumanthratna closed 3 years ago

sumanthratna commented 3 years ago

e.g., g++ in an Alpine image returns an error, but it's actually a valid package name

relevant code:

https://github.com/tjcsl/director4/blob/543e330986611ff1d491b5399a0cdeb17ff65f6d/manager/director/apps/sites/forms.py#L231 https://github.com/tjcsl/director4/blob/543e330986611ff1d491b5399a0cdeb17ff65f6d/manager/director/apps/sites/forms.py#L241-L242

edit: instead of a regex, maybe just attempt to install packages and then raise an error if necessary? This would also allow version pinning; this might be too risky from a security standpoint