# FlaskPaste Roadmap ## Current State FlaskPaste v1.1.0 is deployed and feature-complete for its core mission: a secure, minimal pastebin API with zero-knowledge encryption support. **Implemented:** - Full REST API (CRUD operations) - Binary content support with magic-byte MIME detection - Client certificate authentication - Content-hash deduplication (abuse prevention) - Proof-of-work spam prevention - Entropy enforcement (require encrypted uploads) - E2E encryption in CLI (AES-256-GCM, key in URL fragment) - URL prefix support for reverse proxy deployments - /client endpoint for CLI distribution - Automatic paste expiry - Security headers and request tracing - Container deployment support - Comprehensive test suite (98 tests) ## Phase 1: Hardening (Complete) Focus: Production readiness and operational excellence. ``` ┌───┬─────────────────────────────────────┬────────────────────────────────────┐ │ # │ Milestone │ Status ├───┼─────────────────────────────────────┼────────────────────────────────────┤ │ 1 │ Abuse prevention (dedup) │ Done │ 2 │ Security headers complete │ Done │ 3 │ Request tracing (X-Request-ID) │ Done │ 4 │ Proxy trust validation │ Done │ 5 │ Proof-of-work spam prevention │ Done │ 6 │ Entropy enforcement │ Done │ 7 │ Test coverage > 90% │ Done (98 tests) │ 8 │ Documentation complete │ Done └───┴─────────────────────────────────────┴────────────────────────────────────┘ ``` ## Phase 2: Operations Focus: Deployment, monitoring, and maintenance tooling. ``` ┌───┬─────────────────────────────────────┬────────────────────────────────────┐ │ # │ Milestone │ Dependencies ├───┼─────────────────────────────────────┼────────────────────────────────────┤ │ 1 │ Prometheus metrics endpoint │ None │ 2 │ Structured JSON logging │ None │ 3 │ Admin API (stats, cleanup) │ Auth improvements │ 4 │ Ansible deployment role │ None │ 5 │ CI/CD pipeline │ Container registry access └───┴─────────────────────────────────────┴────────────────────────────────────┘ ``` ### Prometheus Metrics Expose `/metrics` endpoint with: - `flaskpaste_pastes_total` (counter) - `flaskpaste_pastes_created` (counter) - `flaskpaste_pastes_deleted` (counter) - `flaskpaste_pastes_expired` (counter) - `flaskpaste_storage_bytes` (gauge) - `flaskpaste_request_duration_seconds` (histogram) ### Structured Logging Replace text logs with JSON format: - Timestamp, level, message, request_id - Consistent field names across all log entries - Compatible with log aggregation (Loki, ELK) ## Phase 3: Features (Complete) Focus: User-requested enhancements within scope. ``` ┌───┬─────────────────────────────────────┬────────────────────────────────────┐ │ # │ Feature │ Status ├───┼─────────────────────────────────────┼────────────────────────────────────┤ │ 1 │ E2E encryption (client-side) │ Done (CLI -e flag, zero-knowledge) │ 2 │ URL prefix support │ Done │ 3 │ Custom expiry per paste │ Done (X-Expiry header) │ 4 │ Burn-after-read option │ Done (X-Burn-After-Read header) │ 5 │ Paste password protection │ Planned └───┴─────────────────────────────────────┴────────────────────────────────────┘ ``` ### Burn-After-Read Single-access pastes that delete after first retrieval: - `POST /` with `X-Burn-After-Read: true` header - Paste deleted after first `GET //raw` - Metadata `GET /` does not trigger burn ### Custom Expiry Allow per-paste expiry override: - `POST /` with `X-Expiry: 3600` header (seconds) - Capped at server maximum (e.g., 30 days) - Default unchanged for pastes without header ## Phase 4: Ecosystem Focus: Integration with external systems. ``` ┌───┬─────────────────────────────────────┬────────────────────────────────────┐ │ # │ Integration │ Status ├───┼─────────────────────────────────────┼────────────────────────────────────┤ │ 1 │ CLI client (fpaste) │ Done (with E2E encryption) │ 2 │ /client endpoint │ Done (downloadable CLI) │ 3 │ Neovim/Vim plugin │ Planned │ 4 │ Shell aliases/functions │ Planned │ 5 │ Webhook notifications │ Planned └───┴─────────────────────────────────────┴────────────────────────────────────┘ ``` ### CLI Client (Complete) Standalone Python CLI with encryption support: - `fpaste create file.txt` - Create paste from file - `fpaste create -e file.txt` - Create encrypted paste (E2E) - `fpaste get ` - Get paste (auto-decrypts with URL fragment key) - `fpaste delete ` - Delete paste - `fpaste info` - Show server info - Config file for server URL and cert fingerprint - Downloadable via `curl https://server/client > fpaste` ## Non-Goals (Explicit) These features will not be implemented: - **Web UI** - Out of scope; use API directly - **User accounts** - PKI handles identity - **Syntax highlighting** - Client responsibility - **Search/discovery** - Pastes are private by design - **Clustering** - Scale via container orchestration - **S3/PostgreSQL backend** - SQLite is sufficient ## Decision Log | Date | Decision | Rationale |------------|------------------------------------|----------------------------------------- | 2024-11 | SQLite only | Simplicity; no external dependencies | 2024-11 | No web UI | API-first; reduces attack surface | 2024-11 | Client cert auth | Integrates with existing PKI | 2024-12 | Content-hash dedup | Prevent spam without IP tracking | 2024-12 | Proof-of-work | Computational cost deters spam bots | 2024-12 | Client-side E2E encryption | Zero-knowledge; key in URL fragment | 2024-12 | Entropy enforcement | Heuristic to require encrypted uploads | 2024-12 | URL prefix support | Reverse proxy path-based routing | 2024-12 | Burn-after-read | Single-use pastes for sensitive data | 2024-12 | Custom expiry | Per-paste TTL override | 2024-12 | Multi-stage Containerfile | Smaller production images ## Review Schedule - **Monthly**: Review TODO.md, refine TASKLIST.md - **Quarterly**: Evaluate roadmap phases, adjust priorities - **Yearly**: Major version planning, scope review