livedash-node

kjanat/livedash-node

Fork 0

mirror of https://github.com/kjanat/livedash-node.git synced 2026-01-16 21:12:08 +01:00

Commit Graph

Author	SHA1	Message	Date
Kaj Kowalski	6d7619a9c5	fix: strengthen CSP metrics endpoint authentication - Replace isPlatformUser check with ADMIN role requirement - Return 403 Forbidden for non-admin users (was 401) - Align with other admin endpoints and documentation requirements - CSP metrics contain sensitive security data requiring admin access	2025-07-13 16:19:51 +02:00
Kaj Kowalski	7a3eabccd9	feat: enhance security, performance, and stability This commit introduces a range of improvements across the application: - Security: - Adds authentication to the CSP metrics endpoint. - Hardens CSP bypass detection regex to prevent ReDoS attacks. - Improves CORS headers for the CSP metrics API. - Adds filtering for acknowledged alerts in security monitoring. - Performance: - Optimizes database connection pooling for NeonDB. - Improves session fetching with abort controller. - Stability: - Adds error handling to the tRPC demo component. - Fixes type inconsistencies in session data mapping. - Docs & DX: - Ignores files in git. - Fixes a token placeholder in the documentation.	2025-07-12 01:03:52 +02:00
Kaj Kowalski	1eea2cc3e4	refactor: fix biome linting issues and update project documentation - Fix 36+ biome linting issues reducing errors/warnings from 227 to 191 - Replace explicit 'any' types with proper TypeScript interfaces - Fix React hooks dependencies and useCallback patterns - Resolve unused variables and parameter assignment issues - Improve accessibility with proper label associations - Add comprehensive API documentation for admin and security features - Update README.md with accurate PostgreSQL setup and current tech stack - Create complete documentation for audit logging, CSP monitoring, and batch processing - Fix outdated project information and missing developer workflows	2025-07-12 00:28:09 +02:00

Author

SHA1

Message

Date

Kaj Kowalski

6d7619a9c5

fix: strengthen CSP metrics endpoint authentication

- Replace isPlatformUser check with ADMIN role requirement
- Return 403 Forbidden for non-admin users (was 401)
- Align with other admin endpoints and documentation requirements
- CSP metrics contain sensitive security data requiring admin access

2025-07-13 16:19:51 +02:00

Kaj Kowalski

7a3eabccd9

feat: enhance security, performance, and stability

This commit introduces a range of improvements across the application:

- **Security:**
  - Adds authentication to the CSP metrics endpoint.
  - Hardens CSP bypass detection regex to prevent ReDoS attacks.
  - Improves CORS headers for the CSP metrics API.
  - Adds filtering for acknowledged alerts in security monitoring.

- **Performance:**
  - Optimizes database connection pooling for NeonDB.
  - Improves session fetching with abort controller.

- **Stability:**
  - Adds error handling to the tRPC demo component.
  - Fixes type inconsistencies in session data mapping.

- **Docs & DX:**
  - Ignores  files in git.
  - Fixes a token placeholder in the documentation.

2025-07-12 01:03:52 +02:00

Kaj Kowalski

1eea2cc3e4

refactor: fix biome linting issues and update project documentation

- Fix 36+ biome linting issues reducing errors/warnings from 227 to 191
- Replace explicit 'any' types with proper TypeScript interfaces
- Fix React hooks dependencies and useCallback patterns
- Resolve unused variables and parameter assignment issues
- Improve accessibility with proper label associations
- Add comprehensive API documentation for admin and security features
- Update README.md with accurate PostgreSQL setup and current tech stack
- Create complete documentation for audit logging, CSP monitoring, and batch processing
- Fix outdated project information and missing developer workflows

2025-07-12 00:28:09 +02:00

3 Commits