mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-05-13 23:54:03 +00:00
28f9d9db53
Security Features Added: - Secure-by-default configuration export/import with ALLOW_UNPROTECTED_EXPORT environment variable - Rate limiting (5 attempts/minute) to prevent brute force attacks on sensitive endpoints - Comprehensive audit logging for all export/import attempts with IP tracking - Frontend Security tab showing API protection status and configuration guidance - Frontend now shows when export is blocked and disables buttons appropriately - Strong passphrase requirement (minimum 12 characters) for exports Technical Implementation: - New RateLimiter component with automatic cleanup and middleware support - Security status API endpoint showing protection state - Enhanced error messaging with specific guidance for homelab vs production use - Proper authentication flow with API token validation - Updated documentation reflecting new security model Breaking Changes: - Export/import now requires API_TOKEN unless ALLOW_UNPROTECTED_EXPORT=true is set - Minimum passphrase length increased from none to 12 characters Additional Improvements: - Fixed architecture-specific updates for better cross-platform support - Removed RC label from UI header - Updated security documentation with clear setup instructions |
||
|---|---|---|
| .. | ||
| adapters | ||
| alerts | ||
| api | ||
| config | ||
| crypto | ||
| errors | ||
| interfaces | ||
| models | ||
| monitoring | ||
| notifications | ||
| types | ||
| updates | ||
| utils | ||
| websocket | ||