# TODO

Unstructured intake buffer for ideas, issues, and observations. Items here are raw and unrefined. Actionable items should be promoted to TASKLIST.md.

---

## Ideas

- Prometheus metrics endpoint (`/metrics`) for monitoring integration
- Structured JSON logging for log aggregation compatibility
- Burn-after-read paste option
- Custom expiry header for per-paste TTL
- Rate limit headers in responses (X-RateLimit-*)
- Paste compression for large text content
- ETag support for conditional requests
- Paste listing for authenticated users (their own pastes only)
- Neovim/Vim plugin for editor integration
- Webhook notifications for paste events

## Observations

- Abuse prevention uses content-hash dedup + PoW + entropy enforcement
- SQLite WAL mode could improve concurrent read performance
- Container image size could be reduced with multi-stage build
- E2E encryption in CLI uses cryptography package (optional dependency)
- Entropy check has size threshold to avoid false positives on small data

## Questions

- Should expired paste cleanup run in-process or via external cron?
- Is SQLite sufficient for anticipated load, or plan for PostgreSQL?
- Should burn-after-read pastes show in metadata before burn?
- Password-protected pastes: derive key from password or store hash?

## Debt

- No integration tests for container deployment
- Missing test for concurrent paste creation
- Could add more deployment examples (Kubernetes, systemd)

## External Dependencies

- Consider adding `python-magic` for better MIME detection (currently magic bytes only)
- Evaluate `structlog` for structured logging when implemented
- Look into `prometheus-flask-exporter` for metrics

---

*Review weekly. Promote actionable items to TASKLIST.md. Archive or delete stale items.*