All checks were successful
CD Pipeline / deploy (push) Successful in 1m8s
Extract pure validation logic (~180 lines) from app.py into utils/security.py:
- ALLOWED_TABLES whitelist constant
- validate_table_name / validate_column_names (SQL injection protection)
- safe_join (path traversal protection)
- ALLOWED_UPLOAD_EXTENSIONS / ALLOWED_MIME_TYPES
- secure_filename_unicode / allowed_file / validate_upload_file (upload validation)

app.py keeps from utils.security import * to maintain backward compat, so that tests/test_path_traversal.py, tests/test_sql_security.py and tests/test_file_upload.py can keep using from app import xxx without modification.

Line count change: app.py 7,386 → 7,206 (-180)