ansible/flaskpaste
1
0
Fork 0
forked from claw/flaskpaste
Code Pull Requests Activity
210 Commits 1 Branch 0 Tags
253fb2ad381e939b3bad89a1d3ab4a220f50d1b4
Commit Graph

4 Commits

Author SHA1 Message Date
Username
66d7948073 containerfile: consolidate security pins in requirements.txt 2026-01-20 08:20:55 +01:00
Username
0fc45587cd deps: pin transitive dependencies for security fixes 
- urllib3>=2.6.3 (CVE-2025-43859)
- jaraco.context>=6.1.0 (GHSA-58pv-8j8x-9vj2)
- setuptools>=80.0 (vendored jaraco.context)

reduces High vulnerabilities from 6 to 3
 2026-01-18 09:16:08 +01:00
Username
01ee337936 slim down production dependencies 2025-12-20 17:37:41 +01:00
Username
8f9868f0d9 flaskpaste: initial commit with security hardening 
Features:
- REST API for text/binary pastes with MIME detection
- Client certificate auth via X-SSL-Client-SHA1 header
- SQLite with WAL mode for concurrent access
- Automatic paste expiry with LRU cleanup

Security:
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- Cache-Control: no-store for sensitive responses
- X-Request-ID tracing for log correlation
- X-Proxy-Secret validation for defense-in-depth
- Parameterized queries, input validation
- Size limits (3 MiB anon, 50 MiB auth)

Includes /health endpoint, container support, and 70 tests.
 2025-12-16 04:42:18 +01:00