vrr/max-telegram-bridge-bot
2
0
Fork 0
mirror of https://github.com/BEARlogin/max-telegram-bridge-bot.git synced 2026-04-28 03:39:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
max-telegram-bridge-bot/migrations/sqlite/000003_pending_created_at.up.sql
Andrey Lugovskoy 62a4233027 Security hardening and admin check tests 
- Webhook paths now include token-derived secret (prevents spoofed updates)
- HTTP server with Read/Write/Idle timeouts (prevents slowloris)
- Shared HTTP client with 60s timeout for all uploads/downloads
- Removed tokens and sensitive data from debug logs
- Retry loop respects context cancellation instead of blocking sleep
- Pending bridge keys expire after 1 hour (migration 000003)
- Increased bridge key entropy from 32 to 64 bits (16 hex chars)
- Docker container runs as non-root user
- Extracted admin check helpers with unit tests

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 15:05:41 +03:00

1 line
70 B
SQL
Raw Blame History

ALTER TABLE pending ADD COLUMN created_at INTEGER NOT NULL DEFAULT 0;
Reference in a new issue View git blame Copy permalink