37d745703c
security: remove RealIP middleware, tighten rate limiter defaults
...
- remove chi middleware.RealIP; deprecated in chi v5.3.0 due to IP spoofing
vulnerabilities (GHSA-3fxj-6jh8-hvhx, GHSA-rjr7-jggh-pgcp, GHSA-9g5q-2w5x-hmxf)
- lower default RATE_LIMIT from 100 to 20 req/s per IP
- support RATE_LIMIT=0 to disable rate limiting entirely (for deployments behind
a remote reverse proxy with its own rate limiting)
- fix incorrect .env.example comment (was 'per 15 minute window', is per second)
2026-05-23 18:37:55 -07:00
bb8ce0456a
code cleanups and refactors
2026-02-26 18:35:11 -08:00
bb1ee31308
code cleanups, switch to chi rate limiting middleware
2026-02-24 01:24:22 -08:00
667c8f77ac
clean up unused admin routes, expose existing apps via new endpoint, update schema to allow an app to have many subscription channels
2026-02-15 21:19:40 -08:00
923e7110c4
fix version in api/health response
2026-02-14 14:40:47 -08:00
a66ddc7363
version all APIs for v1
2026-02-14 12:53:08 -08:00
ea3345825a
code clean ups, minor improvements
2026-02-12 23:13:16 -08:00
372295be45
fix /health but for real this time
2026-02-09 03:22:38 -08:00
3978f476c7
fix health endpoint, nits
2026-02-09 02:57:30 -08:00
244ab02651
using biome for html/cs/js formatting and linting, simplify app to run with no services, re-implement proton and signal implementations to be much better, configure all integration in web UI instead of .env
2026-02-09 01:19:47 -08:00
cc21c41e73
health monitoring for prism, expose server version in /api/health
2026-02-07 03:07:21 -08:00
7fd57101a3
improve README, code cleaning, use the other sqlite lib for less RAM usage, use any instead of interface, add 3 retries with exponential backoff for undelivered notifications
2026-02-07 01:54:06 -08:00
fe11ed82af
lock down alpine version, code clean ups, optimize release size with upx
2026-02-05 22:19:38 -08:00
ac40783aa7
re-architect to a new integration system, ensure that signal is optional, adding telegram support
2026-02-05 15:46:28 -08:00
4dd14a2833
nits
2026-02-03 21:18:09 -08:00
2d4160f583
support webpush and webhooks together, allow unregistered webpush, rename endpoints to apps
2026-02-03 19:31:47 -08:00
051a13cb7a
re-organize folder structure
2026-02-02 14:52:07 -08:00
