Problem
`validate_front_matter_identity` rejects newlines in `name` and `description` to prevent YAML structure injection, but `trigger.pipeline.name`, `trigger.pipeline.project`, and branch entries are not validated for newlines.
A `\n` in these fields would produce multi-line YAML single-quoted scalars. While the YAML spec allows this (they fold to a space), it could produce confusing display names or break tooling.
Low priority since these are operator-controlled values, but `validate_front_matter_identity` is a natural home for this check if the threat model is revisited.
Context
Found during review of #175 (security audit fixes).
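The gap described above, as an added Python example that is not the project's code: a naive single-quoted emitter lets a line break through, and a validator reports which trigger fields carry one. The dictionary layout, the `branches` location under `trigger.pipeline`, and both function names are assumptions; `\r` is checked alongside `\n` because YAML treats both as line breaks.

```python
# Added example, not the project's implementation. The front-matter layout and
# the position of "branches" under trigger.pipeline are assumptions.

LINE_BREAKS = ("\n", "\r")  # the characters YAML 1.2 treats as line breaks


def single_quote(value):
    """Emit a YAML single-quoted scalar, escaping only ' (as '')."""
    return "'" + value.replace("'", "''") + "'"


def find_newline_fields(front_matter):
    """Return dotted paths of trigger fields whose value contains a line break."""
    trigger = front_matter.get("trigger") or {}
    pipeline = trigger.get("pipeline") or {}
    candidates = [
        ("trigger.pipeline.name", pipeline.get("name")),
        ("trigger.pipeline.project", pipeline.get("project")),
    ]
    for index, branch in enumerate(pipeline.get("branches") or []):
        candidates.append(("trigger.pipeline.branches[%d]" % index, branch))
    return [
        path
        for path, value in candidates
        if isinstance(value, str) and any(ch in value for ch in LINE_BREAKS)
    ]


# Constructed sample input: one name and one branch entry carry a line break.
SAMPLE = {
    "trigger": {
        "pipeline": {
            "name": "build\nnightly",
            "project": "infra",
            "branches": ["main", "release/1.0\r\n"],
        }
    }
}

if __name__ == "__main__":
    # Without validation, the emitted scalar spans two lines in the output file.
    print("name: " + single_quote(SAMPLE["trigger"]["pipeline"]["name"]))
    for path in find_newline_fields(SAMPLE):
        print("rejected: line break in " + path)
```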