| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2026-01-26 | Phase 1: Critical security fixes | Peter Stone | |
| - Remove default password fallback - require DEFAULT_PASS in all environments - Fix XSS vulnerabilities in HTML generation (handlers.go:795,920) - Add security headers middleware (X-Frame-Options, CSP, HSTS, etc.) - Add rate limiting on login endpoint (5 req/15min per IP) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> | |||
 |
index : doot.git | |
| doot — personal productivity web app | www-data |
| summaryrefslogtreecommitdiff |