username/flaskpaste
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
87 Commits 1 Branch 0 Tags
89eee3378acabe569fdb33defaa532305ca2a876
Commit Graph

7 Commits

Author SHA1 Message Date
Username
89eee3378a security: implement pentest remediation (PROXY-001, BURN-001, RATE-001)
All checks were successful
CI / Lint & Format (push) Successful in 18s
Details
CI / Security Scan (push) Successful in 22s
Details
CI / Memory Leak Check (push) Successful in 21s
Details
CI / Tests (push) Successful in 1m16s
Details 
PROXY-001: Add startup warning when TRUSTED_PROXY_SECRET empty in production
- validate_security_config() checks for missing proxy secret
- Additional warning when PKI enabled without proxy secret
- Tests for security configuration validation

BURN-001: HEAD requests now trigger burn-after-read deletion
- Prevents attacker from probing paste existence before retrieval
- Updated test to verify new behavior

RATE-001: Add RATE_LIMIT_MAX_ENTRIES to cap memory usage
- Default 10000 unique IPs tracked
- Prunes oldest entries when limit exceeded
- Protects against memory exhaustion DoS

Test count: 284 -> 291 (7 new security tests)
 2025-12-24 21:42:15 +01:00
Username
4577a1d7e4 docs: update for systemd and rate limit headers
Some checks failed
CI / Lint & Format (push) Successful in 19s
Details
CI / Security Scan (push) Successful in 23s
Details
CI / Memory Leak Check (push) Successful in 22s
Details
CI / Tests (push) Failing after 46s
Details
2025-12-24 20:05:30 +01:00
Username
37d2ccef0f docs: update for v1.5.0 public registration feature
Some checks failed
CI / Lint & Format (push) Failing after 15s
Details
CI / Tests (push) Has been skipped
Details
CI / Security Scan (push) Failing after 19s
Details
2025-12-21 12:34:35 +01:00
Username
b47c26dd14 docs: update for v1.4.0 features
Some checks failed
CI / Lint & Format (push) Successful in 16s
Details
CI / Security Scan (push) Failing after 19s
Details
CI / Tests (push) Failing after 35s
Details 
- Add anti-flood, rate limiting, scheduled cleanup to feature lists
- Update version to 1.4.0, test count to 205
- Document /pastes endpoint with query parameters
- Add anti-flood fields to /challenge response
- Update CLI docs with new commands (list, search, export)
- Add decision log entries for recent features
 2025-12-20 21:36:09 +01:00
Username
486bac1d85 docs: update project status for v1.2.0
Some checks failed
CI / Lint & Format (push) Failing after 17s
Details
CI / Tests (push) Has been skipped
Details
CI / Security Scan (push) Failing after 27s
Details
2025-12-20 17:24:41 +01:00
Username
260d6e894d update project documentation
Some checks failed
CI / Lint & Format (push) Failing after 17s
Details
CI / Tests (push) Has been skipped
Details
CI / Security Scan (push) Failing after 27s
Details
2025-12-20 17:20:40 +01:00
Username
4cb29fa3d2 add project structure files 2025-12-20 03:31:37 +01:00