openclaw/oikos
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
588 Commits 3 Branches 0 Tags
5062e1e61fc00dfa2e59c274c5e8265292d535c4
Commit Graph

6 Commits

Author SHA1 Message Date
Ulas Kalayci 196e8a7d17 chore: add installer files to .dockerignore and update docs 
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-21 13:23:51 +02:00
Ulas 517e4454d0 fix(docker): exclude database files from Docker build context 
*.db files were missing from .dockerignore - local builds could
accidentally include the live oikos.db with real user data.
 2026-04-05 16:36:45 +02:00
Ulas 6e0eda8ba4 fix(security): address multiple security findings from audit 
- Fix SQLCipher PRAGMA key interpolation (hex-encode key to prevent crash on single quotes)
- Enforce min password length (8 chars) on admin user creation
- Add length bounds on username/display_name and login inputs
- Invalidate other sessions on password change
- Multi-stage Docker build (exclude build tools from runtime)
- Exclude docs/ from Docker image
- Consolidate dotenv.config() to single entry point
- Document flat family authorization model in SECURITY.md

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-03 09:11:17 +02:00
Ulas 58b9d8e0ac chore: repository audit — fix CHANGELOG links, clean .dockerignore 
Fix [Unreleased] compare link (v0.5.1→v0.5.2), add missing [0.5.2]
compare link, remove phantom social-preview.html from .dockerignore.
Add full repo audit document.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-02 14:25:16 +02:00
Ulas c59338fe2c chore: repository hygiene — P2 cleanup 
- .gitignore: add coverage/ and data/ patterns
- .dockerignore: exclude screenshots, tests, scripts, .github, docs
  assets from build context for faster Docker builds
- Delete docs/social-preview.html (one-time generator, no longer needed)
- Delete public/locales/.gitkeep (directory has de.json and en.json)
- scripts/seed-demo.js: replace hardcoded absolute path with portable
  resolve(__dirname, '..', 'data', 'oikos.db') default
- Add .github/PULL_REQUEST_TEMPLATE.md with summary, changes, checklist

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-02 14:19:27 +02:00
ulsklyc 862ba8d9d7 fix: .dockerignore + LAN port binding 
- Add .dockerignore to prevent host node_modules (GLIBC 2.38) from
  overwriting container-built binaries (GLIBC 2.36), fixing
  better-sqlite3 ERR_DLOPEN_FAILED crash
- Bind port to 0.0.0.0 for LAN access

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-26 13:16:31 +01:00