openclaw/oikos
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
181 Commits 3 Branches 0 Tags
91c2e0ad9869a2cf7d47e7d59229ee30d1b3bb6e
Commit Graph

4 Commits

Author SHA1 Message Date
Ulas 91c2e0ad98 fix: address CodeQL security findings (v0.5.2) 
- Rate-limit SPA fallback route (missing rate limiting on fs access)
- Add csrfMiddleware to all state-changing auth routes (logout, create
  user, change password, delete user) — previously bypassed global CSRF
  middleware due to router registration order
- Fix incomplete vCard escaping: escape backslashes before other special
  characters to prevent injection via contact fields
- Restrict CI GITHUB_TOKEN to contents: read (least privilege)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-01 18:30:03 +02:00
Ulas f39152cf7e ci: add GitHub Actions workflow for automated tests 
Runs npm test on push and pull requests to main.
Matrix covers Node.js 22.x and 24.x.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-01 11:42:56 +02:00
ulsklyc ed605eb181 Add files via upload 2026-03-28 13:41:57 +01:00
ulsklyc 9b3bd96f69 Create bug report issue template 
Add a bug report template for GitHub issues.
 2026-03-28 13:41:32 +01:00