
release: cut project v0.9

First public preview tag for the bundled Compose stack. Adds a
top-level CHANGELOG.md (separate from api/ and ui/ component
changelogs) and surfaces the project version on the admin Settings
page in a new About section.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
chiappa 3 days ago
parent
commit
024ddc8ac8

+ 64 - 0
CHANGELOG.md

@@ -0,0 +1,64 @@
+# Changelog — IRDB
+
+This is the **project-wide** changelog for the IRDB stack as a whole — a
+high-level record of what shipped in each cut of the bundled
+`docker-compose` deployment.
+
+The `api` and `ui` containers are versioned independently and have their
+own changelogs:
+
+- [`api/CHANGELOG.md`](./api/CHANGELOG.md)
+- [`ui/CHANGELOG.md`](./ui/CHANGELOG.md)
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and the project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+Project-wide tags use the `v<MAJOR>.<MINOR>.<PATCH>` form so they don't
+collide with the per-component `api-v…` / `ui-v…` tags in this monorepo.
+
+## [Unreleased]
+
+## [0.9] — 2026-05-06
+
+First public preview of the bundled stack. Everything specified in
+[`SPEC.md`](./SPEC.md) milestones M1–M14 is in place; the `0.9` cut is
+the integration milestone where `api` 1.0.0 and `ui` 1.0.0 have been
+shipped together, hardened against the `SEC_REVIEW` findings, and
+verified end-to-end via the demo seed flow.
+
+The remaining gap to a `1.0` project tag is operational rather than
+functional — exercising the stack against real reporters/consumers,
+finalising the upgrade story, and locking down the Compose defaults for
+production deployment.
+
+### Highlights
+- Self-hosted abuse-report ingestion + tailored, decay-weighted blocklist
+  distribution as a Compose stack: `api` (Slim 4 / FrankenPHP JSON
+  backend), `ui` (Slim 4 / FrankenPHP PHP+Twig BFF), and optional
+  `mysql` and `scheduler` sidecars.
+- Four-kind token model (`reporter`, `consumer`, `admin`, `service`)
+  with SHA-256 hashing and a service-token + impersonation-header
+  pattern between the UI BFF and the api.
+- Reputation engine with linear and exponential decay, per-reporter
+  trust weighting, manual blocks and allowlist evaluated at distribution
+  time, and a 365-day hard cutoff.
+- GeoIP enrichment with MaxMind GeoLite2 and IPinfo adapters, refreshed
+  via an internal job.
+- OIDC login (Microsoft Entra ID, authorization code + PKCE) plus a
+  local admin form with Argon2id password validation.
+- Full admin UI: dashboard, IPs, subnets/allowlist, policies, reporters,
+  consumers, tokens, categories, audit log, and the settings page used
+  to display this version.
+- Public-endpoint audit emission with global + per-entity toggles so the
+  high-volume `report.received` / `blocklist.requested` rows can be
+  silenced without a container restart.
+- Hardening pass against the `SEC_REVIEW` queue (F1–F74 at time of
+  writing): security headers, secret scrubbing, request body caps,
+  bounded caches, rate limiting on public endpoints.
+
+### Container versions in this release
+- `api` — 1.0.0 (see [api/CHANGELOG.md](./api/CHANGELOG.md))
+- `ui` — 1.0.0 (see [ui/CHANGELOG.md](./ui/CHANGELOG.md))
+
+[Unreleased]: https://github.com/your-org/irdb/compare/v0.9...HEAD
+[0.9]: https://github.com/your-org/irdb/releases/tag/v0.9
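
Review bot: The version string contradicts the file's own tagging rule. The preamble says project-wide tags use the `v<MAJOR>.<MINOR>.<PATCH>` form and that the project adheres to Semantic Versioning, but the release heading is `[0.9]` and the link references point at `v0.9`, which has no patch component. Either cut this as `0.9.0` / `v0.9.0` or relax the stated form. The two reference links at the bottom also still use the `your-org` placeholder, so both will resolve to the wrong repository until the real owner is filled in. In the Highlights, the hardening bullet cites `SEC_REVIEW` F1–F74 "at time of writing"; a link to that queue, as is done for `SPEC.md`, would let a reader check which findings are actually closed in this cut.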

+ 13 - 0
ui/resources/views/pages/settings/index.twig

@@ -10,6 +10,19 @@
         <span class="text-xs text-slate-500 dark:text-slate-400">Admin only · read-only · masked secrets</span>
     </div>
 
+    {% if project_version %}
+        <section class="rounded-2xl border border-slate-200 bg-white p-5 shadow-sm dark:border-slate-800 dark:bg-slate-900">
+            <h2 class="text-sm font-semibold uppercase tracking-wider text-slate-500 dark:text-slate-400">About</h2>
+            <p class="mt-1 text-xs text-slate-500 dark:text-slate-400">Project release of the bundled stack. Per-container versions live in <code>api/CHANGELOG.md</code> and <code>ui/CHANGELOG.md</code>.</p>
+            <dl class="mt-3 grid grid-cols-3 gap-2 text-sm">
+                <dt class="text-slate-500 dark:text-slate-400">IRDB version</dt>
+                <dd class="col-span-2">
+                    <span class="rounded bg-emerald-100 px-2 py-0.5 font-mono text-xs text-emerald-900 dark:bg-emerald-900 dark:text-emerald-100">v{{ project_version }}</span>
+                </dd>
+            </dl>
+        </section>
+    {% endif %}
+
     {% if error %}
         <div class="rounded-md border border-red-300 bg-red-50 px-4 py-2 text-sm text-red-800 dark:border-red-800 dark:bg-red-950 dark:text-red-300">{{ error }}</div>
     {% endif %}
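
Review bot: The new About section is inserted above the existing `{% if error %}` block, so when the settings page fails to load its data the error banner now renders below a decorative card instead of directly under the page header. Consider moving the section after the error block, or to the end of the page. The `{% if project_version %}` guard is also effectively dead: the controller always passes a non-empty class constant, so the condition is never false. Drop the guard, or keep it only if the value is meant to become optional later.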

+ 3 - 0
ui/src/Controllers/SettingsController.php

@@ -31,6 +31,8 @@ final class SettingsController
 {
     use CrudControllerSupport;
 
+    public const PROJECT_VERSION = '0.9';
+
     public function __construct(
         private readonly Twig $twigEngine,
         private readonly SessionManager $sessionManager,
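
Review bot: `PROJECT_VERSION = '0.9'` hardcodes the release number in a UI controller, while the same number is also written by hand in the new CHANGELOG.md heading and link references. Nothing visible in this commit ties the two together, so a later cut can bump one and leave the admin page reporting a stale version. Suggest reading the value from a single source that the release step writes, and adding a short docblock on the constant saying it is the project-wide stack version rather than the `ui` container version (which the changelog lists separately as 1.0.0).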
@@ -81,6 +83,7 @@ final class SettingsController
             'config' => $config,
             'jobs' => $jobs,
             'app_settings' => $appSettings,
+            'project_version' => self::PROJECT_VERSION,
             'error' => $error,
         ]);
     }