|
|
60ce69e115
|
Try a unified api endpoint
|
2026-03-17 17:27:22 -03:00 |
|
|
|
d6d0735ff8
|
Fix cookie not accepted in safari
|
2026-03-17 16:57:51 -03:00 |
|
|
|
72088dba9a
|
Fix folder permissions
|
2026-03-17 16:37:59 -03:00 |
|
|
|
6f1fffd6e8
|
Update Typesense
|
2026-03-17 16:23:14 -03:00 |
|
|
|
490cbbb812
|
Normalize compose host bind mount paths
|
2026-03-02 22:11:33 -03:00 |
|
|
|
4fe22e3539
|
Document bind-mount permissions and ignore runtime data tree
|
2026-03-02 18:58:19 -03:00 |
|
|
|
3f7cdee995
|
Update cookie
|
2026-03-02 18:23:48 -03:00 |
|
|
|
1a04b23e89
|
Fix CSRF validation for duplicate cookie values on PATCH
|
2026-03-02 18:09:27 -03:00 |
|
|
|
2a5dfc3713
|
flush
|
2026-03-02 17:57:59 -03:00 |
|
|
|
1cd7d6541d
|
update dockerfile
|
2026-03-02 17:53:26 -03:00 |
|
|
|
ec6a20ebd1
|
Stabilize auth cookies for proxied split-domain deployments
|
2026-03-02 17:50:16 -03:00 |
|
|
|
83d6a4f367
|
Remove frontend npm tuning and keep standard install path
|
2026-03-02 17:31:34 -03:00 |
|
|
|
8cf3748015
|
Revert "Harden frontend npm install against transient registry timeouts"
This reverts commit daa11cb768.
|
2026-03-02 16:58:01 -03:00 |
|
|
|
daa11cb768
|
Harden frontend npm install against transient registry timeouts
|
2026-03-02 16:57:25 -03:00 |
|
|
|
8f2c357bfc
|
Run production frontend Nginx unprivileged under dropped caps
|
2026-03-02 16:41:20 -03:00 |
|
|
|
d50169b883
|
Serve production frontend via Nginx static build
|
2026-03-02 15:50:34 -03:00 |
|
|
|
b5b74845f2
|
Switch frontend container to production-aware runtime mode
|
2026-03-02 15:41:39 -03:00 |
|
|
|
0acce2e260
|
Wire Vite allowed hosts to env for Docker frontend
|
2026-03-02 15:37:39 -03:00 |
|
|
|
b86223f943
|
update docker compose
|
2026-03-02 15:24:21 -03:00 |
|
|
|
8dc4013e76
|
update docker compose
|
2026-03-02 15:18:12 -03:00 |
|
|
|
668c22f692
|
update docker compose
|
2026-03-02 15:16:14 -03:00 |
|
|
|
89ec3584f9
|
update docker-compose.yml
|
2026-03-02 15:03:45 -03:00 |
|
|
|
8dded6383e
|
Use node 22 slim for frontend npm network compatibility
|
2026-03-02 15:00:02 -03:00 |
|
|
|
c47fc48533
|
Harden frontend Docker npm fetch resilience
|
2026-03-02 14:38:26 -03:00 |
|
|
|
b6d470590e
|
Update docker compose
|
2026-03-02 14:26:52 -03:00 |
|
|
|
41bbe87b4c
|
Update changelog
|
2026-03-02 13:41:16 -03:00 |
|
|
|
6fba581865
|
Rewrite README for end-user Docker setup and env guidance
|
2026-03-02 13:40:29 -03:00 |
|
|
|
4b34d6153c
|
Remove report
|
2026-03-01 21:55:53 -03:00 |
|
|
|
700f0d6d79
|
Use version-safe FastAPI CSRF dependency params
|
2026-03-01 21:44:59 -03:00 |
|
|
|
3cccf2e0e8
|
Fix auth route response injection crash
|
2026-03-01 21:43:09 -03:00 |
|
|
|
26eae1a09b
|
Fix auth session persistence with HttpOnly cookies and CSRF
|
2026-03-01 21:39:22 -03:00 |
|
|
|
a9333ec973
|
Harden frontend auth token handling in runtime memory
|
2026-03-01 21:29:11 -03:00 |
|
|
|
8eaaa01186
|
update report
|
2026-03-01 21:25:37 -03:00 |
|
|
|
eae7afd36e
|
docs: refresh production security assessment report
|
2026-03-01 21:22:25 -03:00 |
|
|
|
874597e40b
|
Fix predefined catalog visibility and port security must-know guidance
|
2026-03-01 21:15:12 -03:00 |
|
|
|
32b4589b28
|
docs: update security production readiness report
|
2026-03-01 21:07:49 -03:00 |
|
|
|
4c27fd6483
|
Harden auth login against brute-force and refresh security docs
|
2026-03-01 18:24:26 -03:00 |
|
|
|
9cbbd80f47
|
update report
|
2026-03-01 18:15:14 -03:00 |
|
|
|
aba320b617
|
docs: refresh security production readiness report
|
2026-03-01 18:03:45 -03:00 |
|
|
|
74d91eb4b1
|
Update header styles
|
2026-03-01 17:55:51 -03:00 |
|
|
|
1c57084ebf
|
Hardcode CORS credentials disabled and remove env toggle
|
2026-03-01 17:16:13 -03:00 |
|
|
|
bfc89fe5ce
|
Revert "Allow private-network CORS origins in development"
This reverts commit 1b2e0cb8af.
|
2026-03-01 17:12:06 -03:00 |
|
|
|
1b2e0cb8af
|
Allow private-network CORS origins in development
|
2026-03-01 17:08:50 -03:00 |
|
|
|
0242e061c2
|
Harden auth and security controls with session auth and docs
|
2026-03-01 15:29:09 -03:00 |
|
|
|
7a19f22f41
|
Replace REPORT.md with production security readiness assessment
|
2026-03-01 14:56:26 -03:00 |
|
|
|
c5423fc9c3
|
Stabilize API routing, CORS, and settings save behavior
|
2026-03-01 14:27:19 -03:00 |
|
|
|
3d280396ae
|
Fix LAN API access and dev proxy routing
|
2026-03-01 14:08:48 -03:00 |
|
|
|
48cfc79b5f
|
Fix LAN API base and development CORS regression
|
2026-03-01 13:56:25 -03:00 |
|
|
|
bdd97d1c62
|
Harden security controls from REPORT findings
|
2026-03-01 13:32:08 -03:00 |
|
|
|
da5cbc2c01
|
Update Report
|
2026-03-01 12:42:52 -03:00 |
|
