chore: 2.0.0-alpha.9 — security & correctness hardening (Void 3.0 quick wins)

- Q3: prod void DB role NOSUPERUSER (vector marked trusted; deploy/README documents it)
- Q4: buildChildEnv allow-list for the claude subprocess (no OWNER_TOKEN/DATABASE_URL/secrets leak)
- Q5: pending-change approve claims-before-applying + reopens on failure (no re-approvable dup)
- Q6: /capture/upload validates space_id (UUID+existence); pg pool statement_timeout 30s
- Q9: disabled failing syncoid-donatello timer on Z

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
root
2026-06-03 07:54:57 +10:00
parent 1e1d0c539d
commit 925cb0d7d6
12 changed files with 150 additions and 11 deletions

@@ -9,7 +9,7 @@ import { router as ingestRouter } from './lib/api/routes/ingest.js';
import { router as iconsRouter } from './lib/api/routes/icons.js';
import { startCron } from './lib/cron/index.js';
const VERSION = '2.0.0-alpha.8';
const VERSION = '2.0.0-alpha.9';
export function createApp() {
const app = express();
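
Review bot: The `VERSION` literal above `createApp()` is hand-edited on every release, so the version the app reports can drift from what is actually deployed. That matters more than usual for this commit, because the message describes security fixes (the child-process env allow-list, the `space_id` validation, the approve-claim change), and operators will rely on the reported version to confirm a deployment has them. Consider deriving the value from a single source of truth, such as the package manifest or a build-time constant, rather than a string in this file. Separately, the subject line uses the `chore:` prefix for a change set that alters security-relevant behaviour; a prefix that flags this would make the commit easier to find when auditing history.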