From 1a35750d0a1e843693aff22f9cdca5aff0231906 Mon Sep 17 00:00:00 2001
From: Moon <moon@shipoclu.com>
Date: Sat, 14 Jun 2025 05:51:49 +0900
Subject: [PATCH] restrict characters in KEMOVERSE_ENV

---
 bot/config.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bot/config.py b/bot/config.py
index 5a1046d..57cbfa9 100644
--- a/bot/config.py
+++ b/bot/config.py
@@ -14,6 +14,10 @@ def get_config_file() -> str:
     env: str | None = environ.get('KEMOVERSE_ENV')
     if not env:
         raise ConfigError('Error: KEMOVERSE_ENV is unset')
+    
+    # Validate environment name contains only alphanumeric, dash, and underscore
+    if not re.match(r'^[a-zA-Z0-9_-]+$', env):
+        raise ValueError(f'KEMOVERSE_ENV "{env}" contains invalid characters. Only alphanumeric, dash (-), and underscore (_) are allowed.')
 
     config_path: str = f'config_{env}.ini'