Username
cf27bd3f6a
containerfile: pin wheel>=0.46.2 (CVE-2026-24049)
CI / Security Scan (push) Successful in 33s
CI / Lint & Format (push) Successful in 37s
CI / Security Tests (push) Successful in 42s
CI / Unit Tests (push) Successful in 1m4s
CI / Advanced Security Tests (push) Successful in 27s
CI / Memory Leak Check (push) Successful in 29s
CI / Fuzz Testing (push) Successful in 39s
CI / SBOM Generation (push) Successful in 30s
CI / Build & Push Image (push) Successful in 39s
CI / Harbor Vulnerability Scan (push) Successful in 37s
2026-02-16 22:26:56 +01:00
Username
60652e96b4
containerfile: consolidate to single alpine image
CI / Lint & Format (push) Successful in 22s
CI / Security Scan (push) Successful in 20s
CI / Advanced Security Tests (push) Successful in 17s
CI / Memory Leak Check (push) Successful in 19s
CI / Security Tests (push) Successful in 26s
CI / Unit Tests (push) Successful in 33s
CI / Build & Push Image (push) Failing after 2s
CI / Harbor Vulnerability Scan (push) Has been skipped
CI / SBOM Generation (push) Successful in 19s
CI / Fuzz Testing (push) Successful in 26s
2026-01-21 12:17:47 +01:00
Username
f5f2f8f363
containerfile: remove vendored jaraco from setuptools, purge pip cache
CI / Security Scan (push) Successful in 22s
CI / Lint & Format (push) Successful in 24s
CI / Advanced Security Tests (push) Successful in 17s
CI / Memory Leak Check (push) Successful in 20s
CI / Security Tests (push) Successful in 26s
CI / Unit Tests (push) Successful in 34s
CI / SBOM Generation (push) Successful in 20s
CI / Fuzz Testing (push) Successful in 26s
CI / Build & Push Image (push) Successful in 39s
CI / Harbor Vulnerability Scan (push) Successful in 37s
2026-01-20 08:28:26 +01:00
Username
ee0e1211a6
containerfile: remove vendored jaraco.context dist-info
...
CI / Lint & Format (push) Successful in 23s
CI / Security Scan (push) Successful in 22s
CI / Memory Leak Check (push) Successful in 20s
CI / SBOM Generation (push) Successful in 22s
CI / Security Tests (push) Successful in 26s
CI / Unit Tests (push) Successful in 33s
CI / Advanced Security Tests (push) Successful in 16s
CI / Build & Push Image (push) Successful in 40s
setuptools vendors jaraco.context 5.3.0 internally; Trivy detects
this even with 6.1.0 installed separately. Remove the vendored
dist-info to silence the false positive.
2026-01-18 16:29:41 +01:00
Username
278ad73778
containerfile: fix jaraco.context CVE and consolidate
...
- explicitly install jaraco.context>=6.1.0 in runtime stage
to override vendored copy in setuptools (GHSA-58pv-8j8x-9vj2)
- remove redundant installs from builder (requirements.txt
already pins setuptools>=80.0 and jaraco.context>=6.1.0)
- consolidate runtime pip install into single command
- remove redundant comments
2026-01-18 12:09:53 +01:00
Username
cc1bba9a57
container: upgrade system setuptools to fix jaraco.context CVE
CI / Security Scan (push) Successful in 21s
CI / Lint & Format (push) Successful in 23s
CI / Advanced Security Tests (push) Successful in 16s
CI / Memory Leak Check (push) Successful in 20s
CI / Security Tests (push) Successful in 26s
CI / Unit Tests (push) Successful in 34s
CI / SBOM Generation (push) Successful in 20s
CI / Build & Push Image (push) Successful in 20s
2026-01-18 11:12:17 +01:00
Username
6c0e2ab07f
container: use apt instead of apt-get
CI / Lint & Format (push) Successful in 22s
CI / Security Scan (push) Successful in 20s
CI / Advanced Security Tests (push) Successful in 15s
CI / Memory Leak Check (push) Successful in 20s
CI / Security Tests (push) Successful in 25s
CI / Unit Tests (push) Successful in 33s
CI / SBOM Generation (push) Successful in 20s
CI / Build & Push Image (push) Successful in 33s
2026-01-18 10:46:47 +01:00
Username
ba0e591dda
container: clean apt caches and upgrade setuptools for CVE fix
CI / Lint & Format (push) Successful in 22s
CI / Security Scan (push) Successful in 21s
CI / Advanced Security Tests (push) Successful in 15s
CI / Memory Leak Check (push) Successful in 19s
CI / Security Tests (push) Successful in 25s
CI / Unit Tests (push) Successful in 33s
CI / SBOM Generation (push) Successful in 19s
CI / Build & Push Image (push) Successful in 32s
2026-01-18 10:44:24 +01:00
Username
4e38517faf
pki: add minimal certificate authority
...
- CA generation with encrypted private key storage (AES-256-GCM)
- Client certificate issuance with configurable validity
- Certificate revocation with status tracking
- SHA1 fingerprint integration with existing mTLS auth
- API endpoints: /pki/status, /pki/ca, /pki/issue, /pki/revoke
- CLI commands: fpaste pki status/issue/revoke
- Comprehensive test coverage
2025-12-20 17:20:15 +01:00
Username
2272b1ff12
add /client endpoint to download fpaste CLI
CI / test (push) Successful in 38s
2025-12-20 05:19:20 +01:00
Username
8f9868f0d9
flaskpaste: initial commit with security hardening
...
Features:
- REST API for text/binary pastes with MIME detection
- Client certificate auth via X-SSL-Client-SHA1 header
- SQLite with WAL mode for concurrent access
- Automatic paste expiry with LRU cleanup
Security:
- HSTS, CSP, X-Frame-Options, X-Content-Type-Options
- Cache-Control: no-store for sensitive responses
- X-Request-ID tracing for log correlation
- X-Proxy-Secret validation for defense-in-depth
- Parameterized queries, input validation
- Size limits (3 MiB anon, 50 MiB auth)
Includes /health endpoint, container support, and 70 tests.
2025-12-16 04:42:18 +01:00
