Add package validation guard and make pacman idempotent

- Add explicit validation in UpdatePackage to require package name when 'all' is false, preventing empty package commands being sent to servers - Add --needed flag to pacman install in InstallDocker for idempotent Docker installation on Arch Linux 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-17 17:21:04 +00:00 · 2025-12-08 09:17:24 +01:00
parent 9bb77da9a4
commit 089007919d
2 changed files with 9 additions and 1 deletions
--- a/app/Actions/Server/InstallDocker.php
+++ b/app/Actions/Server/InstallDocker.php
@@ -158,7 +158,8 @@ class InstallDocker
        // Use -Syu to perform full system upgrade before installing Docker
        // Partial upgrades (-Sy without -u) are discouraged on Arch Linux
        // as they can lead to broken dependencies and system instability
-        return 'pacman -Syu --noconfirm docker docker-compose && '.
+        // Use --needed to skip reinstalling packages that are already up-to-date (idempotent)
+        return 'pacman -Syu --noconfirm --needed docker docker-compose && '.
            'systemctl enable docker.service && '.
            'systemctl start docker.service';
    }
--- a/app/Actions/Server/UpdatePackage.php
+++ b/app/Actions/Server/UpdatePackage.php
@@ -21,6 +21,13 @@ class UpdatePackage
                ];
            }

+            // Validate that package name is provided when not updating all packages
+            if (! $all && ($package === null || $package === '')) {
+                return [
+                    'error' => "Package name required when 'all' is false.",
+                ];
+            }
+
            // Sanitize package name to prevent command injection
            // Only allow alphanumeric characters, hyphens, underscores, periods, plus signs, and colons
            // These are valid characters in package names across most package managers