forked from username/flaskpaste
b47c26dd14
- Add anti-flood, rate limiting, scheduled cleanup to feature lists - Update version to 1.4.0, test count to 205 - Document /pastes endpoint with query parameters - Add anti-flood fields to /challenge response - Update CLI docs with new commands (list, search, export) - Add decision log entries for recent features
2.9 KiB
2.9 KiB
Task List
Prioritized, actionable tasks. Each task is small and completable in one session.
Priority 1: Ecosystem
| Status | Task |
|---|---|
| ☐ | Create Ansible deployment role |
| ☐ | Add Kubernetes manifests (Deployment, Service, ConfigMap) |
| ☐ | Add systemd service unit example |
Priority 2: Features
| Status | Task |
|---|---|
| ☐ | Add rate limit headers (X-RateLimit-*) |
Priority 3: Quality
| Status | Task |
|---|---|
| ☐ | Fix mypy type errors (currently ignored) |
| ☐ | Add test for concurrent identical submissions |
| ☐ | Add integration tests for container deployment |
Priority 4: Documentation
| Status | Task |
|---|---|
| ☐ | Create CONTRIBUTING.md with development setup |
| ☐ | Add PKI usage examples to documentation |
Completed
| Date | Task |
|---|---|
| 2024-12 | Implement anti-flood (dynamic PoW difficulty) |
| 2024-12 | Implement IP-based rate limiting |
| 2024-12 | Add scheduled cleanup (pastes, hashes, rate limits) |
| 2024-12 | Add CLI list/search/update/export commands |
| 2024-12 | Add CLI PoW retry (max 5 attempts) |
| 2024-12 | Add paste listing for authenticated users |
| 2024-12 | Implement minimal PKI (CA, issuance, revocation) |
| 2024-12 | Add security tooling (ruff, bandit, mypy, pip-audit) |
| 2024-12 | Create Makefile with dev workflow targets |
| 2024-12 | Setup CI/CD pipeline (Gitea Actions) |
| 2024-12 | Fix all ruff lint issues |
| 2024-12 | Optimize CI workflow (concurrency, job deps) |
| 2024-12 | Add PKI commands to CLI (status, issue, revoke) |
| 2024-12 | Implement burn-after-read option |
| 2024-12 | Implement custom expiry per paste |
| 2024-12 | Optimize Containerfile with multi-stage build |
| 2024-12 | Implement E2E encryption in CLI (AES-256-GCM) |
| 2024-12 | Implement entropy enforcement |
| 2024-12 | Add /client endpoint for CLI download |
| 2024-12 | Add URL prefix support |
| 2024-12 | Implement proof-of-work spam prevention |
| 2024-12 | Update documentation for v1.1.0 |
| 2024-12 | Add HEAD method for paste endpoints |
| 2024-12 | Add SQLite WAL mode for better concurrency |
| 2024-12 | Implement content-hash deduplication |
| 2024-12 | Add X-Proxy-Secret validation |
| 2024-12 | Add X-Request-ID tracing |
| 2024-11 | Implement security headers |
| 2024-11 | Add client certificate authentication |
| 2024-11 | Create test suite |
Task Guidelines
- Tasks should be completable in < 2 hours
- Each task results in one atomic commit
- Mark ☑ when complete, move to Completed section
- Remove tasks that become irrelevant
- Pull new tasks from TODO.md as capacity allows