 chiappa
|
2d08caf5d4
docs: mark SEC_REVIEW F10 as fixed in 55156c5
|
пре 5 дана |
|
chiappa
|
55156c51d8
fix: validate next-redirect targets to block off-origin Location values (SEC_REVIEW F10)
|
пре 5 дана |
|
chiappa
|
3a0f2b86a4
docs: mark SEC_REVIEW F9 as fixed in 2a57589
|
пре 5 дана |
|
chiappa
|
2a5758925c
fix: rotate session id at /login/oidc before OIDC state is stashed (SEC_REVIEW F9)
|
пре 5 дана |
|
chiappa
|
7032bda148
docs: mark SEC_REVIEW F8 as fixed in f811b25
|
пре 5 дана |
|
chiappa
|
f811b25734
fix: fail-closed on session id rotation when headers already sent (SEC_REVIEW F8)
|
пре 5 дана |
|
chiappa
|
ba4072b01e
docs: mark SEC_REVIEW F7 as fixed in 84238e6
|
пре 5 дана |
|
chiappa
|
84238e6592
fix: run password_verify on every local-login attempt for constant-time response (SEC_REVIEW F7)
|
пре 5 дана |
|
chiappa
|
97b49c87b4
docs: mark SEC_REVIEW F6 as fixed in d119b72
|
пре 5 дана |
|
chiappa
|
d119b72dfe
fix: persist login throttle state to a file shared by FrankenPHP workers (SEC_REVIEW F6)
|
пре 5 дана |
|
chiappa
|
5a749338b2
docs: mark SEC_REVIEW F4 and F5 as fixed in 8d948ae
|
пре 5 дана |
|
chiappa
|
8d948ae676
fix: make admin audit emit transactional with mutation (SEC_REVIEW F4, F5)
|
пре 5 дана |
|
chiappa
|
ffa20733d1
docs: mark SEC_REVIEW F3 as fixed in 8a94dff
|
пре 5 дана |
|
chiappa
|
8a94dff6ae
fix: enforce single local-admin row in upsertLocal (SEC_REVIEW F3)
|
пре 5 дана |
|
chiappa
|
41db33781f
docs: mark SEC_REVIEW F1 and F2 as fixed in 466d686
|
пре 5 дана |
|
chiappa
|
466d686840
fix: harden local-login throttle against XFF spoof and IP rotation
|
пре 5 дана |
|
chiappa
|
9ca5a4ad91
docs: add SEC_REVIEW.md with multi-agent security review findings
|
пре 5 дана |
|
chiappa
|
c3ad5bcd77
style: rework chart palette to a clean glass-like aesthetic
|
пре 1 недеља |
|
chiappa
|
c3e657bca8
style: mute chart palette to match logo's emerald brand colors
|
пре 1 недеља |
|
chiappa
|
717c0a5c2b
feat: subject filter for audit log; show actor-emitted rows on detail
|
пре 1 недеља |
|
chiappa
|
7622fd201b
feat: per-category blocked-IP dashboard chart + token purge
|
пре 1 недеља |
|
chiappa
|
f47973313b
feat: per-reporter/consumer audit-log toggle on edit pages
|
пре 1 недеља |
|
chiappa
|
61a26affe1
feat: audit reporter ingest and consumer blocklist pulls with toggles
|
пре 1 недеља |
|
chiappa
|
c91b4601fc
docs: add per-component changelogs and cut 1.0.0 baseline
|
пре 1 недеља |
|
chiappa
|
629c8955c2
docs(examples): fix postman README admin-token command
|
пре 1 недеља |
|
chiappa
|
d9cb118062
docs(examples): add Postman collection covering every API endpoint
|
пре 1 недеља |
|
chiappa
|
20a2a8dace
feat(ui): show recent reports table on reporter edit page
|
пре 1 недеља |
|
chiappa
|
7929ed87db
feat(ui): show last activity table on consumer edit page
|
пре 1 недеља |
|
chiappa
|
de1f2ea203
fix(ui): locale-aware date inputs on audit log filter
|
пре 1 недеља |
|
chiappa
|
3faebd216d
feat(ui): per-category lines + threshold-region shading on policy chart
|
пре 1 недеља |
