From 45ea185f48306745e5d1e532b2b110bd2d0238d9 Mon Sep 17 00:00:00 2001
From: orbisai0security <mediratta01.pally@gmail.com>
Date: Sat, 30 May 2026 03:10:18 +0000
Subject: [PATCH] fix: V-001 security vulnerability

Automated security fix generated by OrbisAI Security
---
 tools/global_domains.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/global_domains.py b/tools/global_domains.py
index 78a31701..19a555ee 100755
--- a/tools/global_domains.py
+++ b/tools/global_domains.py
@@ -20,6 +20,10 @@ if not 2 <= len(sys.argv) <= 3:
 OUTPUT_FILE = sys.argv[1]
 GIT_REF = 'main' if len(sys.argv) == 2 else sys.argv[2]
 
+if not re.match(r'^[a-zA-Z0-9._/-]+$', GIT_REF):
+    print(f"Error: Invalid GIT_REF value: {GIT_REF!r}")
+    sys.exit(1)
+
 BASE_URL = f'https://github.com/bitwarden/server/raw/{GIT_REF}'
 ENUMS_URL = f'{BASE_URL}/src/Core/Enums/GlobalEquivalentDomainsType.cs'
 DOMAIN_LISTS_URL = f'{BASE_URL}/src/Core/Utilities/StaticStore.cs'