flaskpaste

Author	SHA1	Message	Date
Username	8ebabfe102	pastes: add display_name field All checks were successful CI / Lint & Security Scan (push) Successful in 47s Details CI / Build & Push Image (push) Successful in 22s Details CI / Harbor Vulnerability Scan (push) Successful in 37s Details Authenticated users can tag pastes with a human-readable label via X-Display-Name header. Supports create, update, remove, and listing. Max 128 chars, control characters rejected.	2026-02-24 12:55:44 +01:00
Username	2679bc8e69	docs: add url shortener documentation Some checks failed CI / Lint & Format (push) Failing after 29s Details CI / Unit Tests (push) Has been skipped Details CI / Memory Leak Check (push) Has been skipped Details CI / Fuzz Testing (push) Has been skipped Details CI / SBOM Generation (push) Has been skipped Details CI / Security Scan (push) Successful in 33s Details CI / Security Tests (push) Has been skipped Details CI / Advanced Security Tests (push) Has been skipped Details CI / Build & Push Image (push) Has been skipped Details CI / Harbor Vulnerability Scan (push) Has been skipped Details	2026-02-16 20:56:55 +01:00
Username	6da80aec76	docs: update for simplified MIME detection (v1.5.1) Some checks failed CI / Lint & Format (push) Failing after 16s Details CI / Unit Tests (push) Has been skipped Details CI / Memory Leak Check (push) Has been skipped Details CI / SBOM Generation (push) Has been skipped Details CI / Security Scan (push) Successful in 19s Details CI / Security Tests (push) Has been skipped Details CI / Advanced Security Tests (push) Has been skipped Details	2025-12-26 19:52:40 +01:00
Username	764b831bb0	expand magic byte detection for common file formats Some checks failed CI / Lint & Format (push) Failing after 16s Details CI / Unit Tests (push) Has been skipped Details CI / Memory Leak Check (push) Has been skipped Details CI / SBOM Generation (push) Has been skipped Details CI / Security Scan (push) Failing after 22s Details CI / Security Tests (push) Has been skipped Details Add detection for: - Images: BMP, TIFF, ICO - Video: MP4, WebM, FLV, Matroska - Audio: MP3, FLAC, OGG - Documents: MS Office OLE (DOC/XLS/PPT) - Executables: PE (EXE/DLL), ELF, Mach-O, WASM - Archives: BZIP2, XZ, ZSTD, LZ4, 7z, RAR - Data: SQLite This improves REQUIRE_BINARY enforcement by detecting more recognizable formats that should be encrypted before upload.	2025-12-25 19:47:33 +01:00
Username	cf458347ef	add systemd service unit and rate limit headers All checks were successful CI / Lint & Format (push) Successful in 18s Details CI / Security Scan (push) Successful in 23s Details CI / Memory Leak Check (push) Successful in 21s Details CI / Tests (push) Successful in 1m16s Details Systemd deployment: - examples/flaskpaste.service with security hardening - examples/flaskpaste.env with all config options - README deployment section updated Rate limit headers (X-RateLimit-*): - Limit, Remaining, Reset on 201 and 429 responses - Per-IP tracking with auth multiplier - api.md documented	2025-12-24 17:51:14 +01:00
Username	cb6eebee59	docs: update for v1.5.0 features All checks were successful CI / Lint & Format (push) Successful in 19s Details CI / Security Scan (push) Successful in 22s Details CI / Memory Leak Check (push) Successful in 22s Details CI / Tests (push) Successful in 1m16s Details - Add PKI audit logging, request duration metrics to features list - Update test count from 216 to 283 - Add audit.py and metrics.py to project structure - Document audit logging in api.md - Update TASKLIST.md with completed tasks - Update TODO.md (remove resolved debt items) - Update ROADMAP.md decision log	2025-12-24 17:10:42 +01:00
Username	028367d803	docs: modernize and clean deprecated content All checks were successful CI / Lint & Format (push) Successful in 17s Details CI / Security Scan (push) Successful in 21s Details CI / Tests (push) Successful in 1m5s Details - replace deprecated FLASK_ENV with FLASK_DEBUG - remove duplicate FLASKPASTE_MAX_EXPIRY entry - update API version to 1.5.0 - add missing /pastes and /pki endpoints to table - remove deprecated X-XSS-Protection header - add PKI config variables - update features list with current capabilities - update auth benefits and security sections	2025-12-21 22:36:48 +01:00
Username	e2e2039903	docs: update for tiered expiry, admin features, batch delete All checks were successful CI / Lint & Format (push) Successful in 16s Details CI / Security Scan (push) Successful in 21s Details CI / Tests (push) Successful in 1m5s Details	2025-12-21 22:16:51 +01:00
Username	880bf631e3	fpaste: add register command for public certificate enrollment Some checks failed CI / Lint & Format (push) Failing after 15s Details CI / Tests (push) Has been skipped Details CI / Security Scan (push) Failing after 19s Details - Add register command to obtain client cert from server - Solve PoW challenge, receive PKCS#12 bundle - Extract cert/key, optionally update config (--configure) - Fix registration to work without PKI_ENABLED (only needs PKI_CA_PASSWORD) - Add skip_enabled_check param to get_ca_info() for registration path - Update docs: README examples, API header name fix (X-Fingerprint-SHA1)	2025-12-21 10:59:09 +01:00
Username	5849c7406f	add /register endpoint for public certificate registration Some checks failed CI / Lint & Format (push) Failing after 15s Details CI / Tests (push) Has been skipped Details CI / Security Scan (push) Failing after 19s Details Public endpoint allows anyone to obtain a client certificate for authentication. Features: - Higher PoW difficulty than paste creation (24 vs 20 bits) - Auto-generates CA on first registration if not present - Returns PKCS#12 bundle with cert, key, and CA - Configurable via FLASKPASTE_REGISTER_POW Endpoints: - GET /register/challenge - Get registration PoW challenge - POST /register - Register and receive PKCS#12 bundle	2025-12-21 10:34:02 +01:00
Username	b47c26dd14	docs: update for v1.4.0 features Some checks failed CI / Lint & Format (push) Successful in 16s Details CI / Security Scan (push) Failing after 19s Details CI / Tests (push) Failing after 35s Details - Add anti-flood, rate limiting, scheduled cleanup to feature lists - Update version to 1.4.0, test count to 205 - Document /pastes endpoint with query parameters - Add anti-flood fields to /challenge response - Update CLI docs with new commands (list, search, export) - Add decision log entries for recent features	2025-12-20 21:36:09 +01:00
Username	a2c5a013ef	docs: update for encrypt-by-default CLI Some checks failed CI / Lint & Format (push) Failing after 14s Details CI / Tests (push) Has been skipped Details CI / Security Scan (push) Failing after 21s Details Update README.md, api.md, and error hints to reflect: - encryption is now default (no -e flag needed) - use -E/--no-encrypt to disable - file path shortcut (fpaste file.txt)	2025-12-20 18:12:00 +01:00
Username	cdf8de5a8b	document encryption enforcement options Some checks failed CI / Lint & Format (push) Failing after 15s Details CI / Tests (push) Has been skipped Details CI / Security Scan (push) Failing after 21s Details	2025-12-20 17:46:58 +01:00
Username	4e38517faf	pki: add minimal certificate authority - CA generation with encrypted private key storage (AES-256-GCM) - Client certificate issuance with configurable validity - Certificate revocation with status tracking - SHA1 fingerprint integration with existing mTLS auth - API endpoints: /pki/status, /pki/ca, /pki/issue, /pki/revoke - CLI commands: fpaste pki status/issue/revoke - Comprehensive test coverage	2025-12-20 17:20:15 +01:00
Username	7deba711d4	entropy: exempt small content from check All checks were successful CI / test (push) Successful in 38s Details Small data has unreliable entropy measurement due to sample size. MIN_ENTROPY_SIZE (default 256 bytes) sets the threshold.	2025-12-20 08:48:13 +01:00
Username	8addf2d9e8	add entropy enforcement for optional encryption requirement All checks were successful CI / test (push) Successful in 38s Details Shannon entropy check rejects low-entropy content when MIN_ENTROPY > 0. Encrypted data ~7.5-8.0 bits/byte, plaintext ~4.0-5.0 bits/byte. Configurable via FLASKPASTE_MIN_ENTROPY environment variable.	2025-12-20 06:57:50 +01:00
Username	c76a158c18	bump version to 1.1.0, centralize VERSION constant All checks were successful CI / test (push) Successful in 37s Details	2025-12-20 04:21:06 +01:00
Username	ccfd8509cc	docs: add pow, cli client, and head method documentation All checks were successful CI / test (push) Successful in 37s Details	2025-12-20 04:09:08 +01:00
Username	202e927918	add content-hash dedup for abuse prevention Throttle repeated submissions of identical content using SHA256 hash tracking. Configurable via FLASKPASTE_DEDUP_WINDOW and FLASKPASTE_DEDUP_MAX.	2025-12-20 03:31:20 +01:00
Username	8f9868f0d9	flaskpaste: initial commit with security hardening Features: - REST API for text/binary pastes with MIME detection - Client certificate auth via X-SSL-Client-SHA1 header - SQLite with WAL mode for concurrent access - Automatic paste expiry with LRU cleanup Security: - HSTS, CSP, X-Frame-Options, X-Content-Type-Options - Cache-Control: no-store for sensitive responses - X-Request-ID tracing for log correlation - X-Proxy-Secret validation for defense-in-depth - Parameterized queries, input validation - Size limits (3 MiB anon, 50 MiB auth) Includes /health endpoint, container support, and 70 tests.	2025-12-16 04:42:18 +01:00

20 Commits