umputun / remark42 / 26796004314

Builds Branch Commit Type Ran Committer Via Coverage
26796004314 dependabot/npm_and_yarn/frontend/vitest-4.1.0 chore(deps-dev): bump vitest from 2.1.4 to 4.1.0 in /frontend Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 2.1.4 to 4.1.0. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https... Pull #2080 web-flow github
84.29
26796004658 dependabot/npm_and_yarn/frontend/turbo-2.9.14 chore(deps-dev): bump turbo from 1.4.3 to 2.9.14 in /frontend Bumps [turbo](https://github.com/vercel/turborepo) from 1.4.3 to 2.9.14. - [Release notes](https://github.com/vercel/turborepo/releases) - [Changelog](https://github.com/vercel/turbore... Pull #2066 web-flow github
84.29
26791591505 master fix: handle REST shutdown before server start push umputun github
84.29
26790924502 refs/tags/v1.16.1 fix typo in file name push umputun github
84.58
26790923067 refs/tags/backend/v1.16.1 fix typo in file name push umputun github
84.58
26605290976 fix-typo fix typo in file name Pull #2079 paskal github
84.58
26592501165 master fix: parameter docs + --help text inconsistencies (audit) (#2077) * fix: address parameter docs and --help text inconsistencies Audit findings from comparing site/src/docs/configuration/parameters/ against the backend flag tags. Docs (parameter... push web-flow github
84.58
26473236552 docs-audit-fixes fix: webhook template flag default override masking safe fallback Copilot flagged the audit's "real default" claim and was right. server.go:286 had default:"{\"text\": \"{{.Text}}\"}" — the literal, JSON-unsafe template that produces invalid JSON... Pull #2077 paskal github
84.58
26471582760 docs-audit-fixes fix: address parameter docs and --help text inconsistencies Audit findings from comparing site/src/docs/configuration/parameters/ against the backend flag tags. Docs (parameters/index.md): - image.bolt.file default was `/var/pictures.db` (absolu... Pull #2077 paskal github
84.58
26305153257 refs/tags/backend/v1.16.0 chore(release): build binary artifacts with GoReleaser (#2070) replace the Docker artifact build with GoReleaser config and a tag release workflow. Keep local artifact builds snapshot-only and clean generated frontend embed files after release runs. push web-flow github
84.58
26305145072 refs/tags/v1.16.0 chore(release): build binary artifacts with GoReleaser (#2070) replace the Docker artifact build with GoReleaser config and a tag release workflow. Keep local artifact builds snapshot-only and clean generated frontend embed files after release runs. push web-flow github
84.58
26203935339 master fix(security): reject non-image content-types in image proxy and /picture/ to prevent stored XSS (#2067) * fix(security): reject non-image content-types in image proxy and /picture/ to prevent stored XSS The /api/v1/img proxy and /api/v1/picture... push web-flow github
84.55
26203772393 fix-image-proxy-xss-content-type-spoofing fix(security): set Cache-Control: no-store on image-proxy error paths, sync stale route comment Addresses two review comments on #2067: 1. Cache-Control: max-age=2592000 and Etag were set before the load/download/validation block, so 404/400/... Pull #2067 paskal github
84.58
26203356486 fix-image-proxy-xss-content-type-spoofing fix(security): reject non-image content-types in image proxy and /picture/ to prevent stored XSS The /api/v1/img proxy and /api/v1/picture/{user}/{id} endpoints emitted http.DetectContentType on the served bytes as the response Content-Type. A co... Pull #2067 paskal github
84.57
26202461678 master fix(image): reject decompression-bomb dimensions before raster decode readAndValidateImage caps the byte size of incoming images but the resize() helper that follows still called image.Decode unconditionally, allocating pixel memory proportional ... push umputun github
84.27