37d745703c
security: remove RealIP middleware, tighten rate limiter defaults
...
- remove chi middleware.RealIP; deprecated in chi v5.3.0 due to IP spoofing
vulnerabilities (GHSA-3fxj-6jh8-hvhx, GHSA-rjr7-jggh-pgcp, GHSA-9g5q-2w5x-hmxf)
- lower default RATE_LIMIT from 100 to 20 req/s per IP
- support RATE_LIMIT=0 to disable rate limiting entirely (for deployments behind
a remote reverse proxy with its own rate limiting)
- fix incorrect .env.example comment (was 'per 15 minute window', is per second)
2026-05-23 18:37:55 -07:00
3f8fc957c5
dont need to truncate for logs
2026-04-15 09:16:22 -07:00
ca367baf35
fix telegram linking, minor fixes for upcoming release
2026-04-15 07:58:38 -07:00
4f259ccfea
support images in notifications, enrich notifications with phone + email actions, UX/a11y improvements
2026-04-14 18:05:14 -07:00
814c6fa258
more minor UI nitpicks
2026-04-13 22:47:59 -07:00
d39a8e2b43
more minor UI adjustments, back to matching Android theme
2026-04-13 20:13:09 -07:00
c9cb3a7289
update to latest signal-cli, UI audit improvements"
2026-04-13 12:17:59 -07:00
2cfee68536
reduce debug spam from hydroxide, better log title from ntfy alerts
2026-04-04 12:36:24 -07:00
e5778f68aa
rename prism admin -> prism
2026-03-28 17:07:39 -07:00
bb8ce0456a
code cleanups and refactors
2026-02-26 18:35:11 -08:00
bb1ee31308
code cleanups, switch to chi rate limiting middleware
2026-02-24 01:24:22 -08:00
429ce5d239
new favicon
2026-02-18 19:08:26 -08:00
a96a814661
correcting sqlite limitation on bursty requests which lock the DB without a busy timeout
2026-02-18 11:35:25 -08:00
061fcb305f
display subscription id in tooltip
2026-02-18 00:29:47 -08:00
147534286f
adding basic webpush request validation
2026-02-17 21:22:06 -08:00
7f1de091e0
minor UI nits
2026-02-17 19:05:41 -08:00
df0834cc0f
more minor webpush UI adjustments
2026-02-16 23:13:47 -08:00
649b3d33c0
webpush improvements
2026-02-16 21:52:53 -08:00
f29f79e04c
ignore favicon 404s
2026-02-16 18:25:20 -08:00
d69651ecda
cache previously created signal groups better for potential re-use
2026-02-15 22:45:41 -08:00
667c8f77ac
clean up unused admin routes, expose existing apps via new endpoint, update schema to allow an app to have many subscription channels
2026-02-15 21:19:40 -08:00
923e7110c4
fix version in api/health response
2026-02-14 14:40:47 -08:00
a66ddc7363
version all APIs for v1
2026-02-14 12:53:08 -08:00
2fde90e650
fix proton access token expiring after not being refreshed on service start, fix linking regression
2026-02-13 00:05:16 -08:00
ea3345825a
code clean ups, minor improvements
2026-02-12 23:13:16 -08:00
74233957d3
split larger files into multiple, slim down biome config, dont retry for permanent errors, consistently use Link, new chi middleware to fix 401s hanging
2026-02-10 17:10:02 -08:00
48c420d14b
reduce health spam, make dockerfile health checks respect the configured port
2026-02-09 18:10:57 -08:00
372295be45
fix /health but for real this time
2026-02-09 03:22:38 -08:00
3978f476c7
fix health endpoint, nits
2026-02-09 02:57:30 -08:00
244ab02651
using biome for html/cs/js formatting and linting, simplify app to run with no services, re-implement proton and signal implementations to be much better, configure all integration in web UI instead of .env
2026-02-09 01:19:47 -08:00
f1fddabaf7
return linked account from /api/health
2026-02-07 12:58:36 -08:00
cc21c41e73
health monitoring for prism, expose server version in /api/health
2026-02-07 03:07:21 -08:00
7fd57101a3
improve README, code cleaning, use the other sqlite lib for less RAM usage, use any instead of interface, add 3 retries with exponential backoff for undelivered notifications
2026-02-07 01:54:06 -08:00
f5c6166f57
fix notify self, fix superfluous WriteHeader warning
2026-02-06 19:30:03 -08:00
fe11ed82af
lock down alpine version, code clean ups, optimize release size with upx
2026-02-05 22:19:38 -08:00
ac40783aa7
re-architect to a new integration system, ensure that signal is optional, adding telegram support
2026-02-05 15:46:28 -08:00
4dd14a2833
nits
2026-02-03 21:18:09 -08:00
2d4160f583
support webpush and webhooks together, allow unregistered webpush, rename endpoints to apps
2026-02-03 19:31:47 -08:00
e31ccc76c5
make protonmail notifications work again, cleaner UI, update to v2 of IMAP lib,
2026-02-03 03:25:48 -08:00
051a13cb7a
re-organize folder structure
2026-02-02 14:52:07 -08:00
