oikos

Author	SHA1	Message	Date
Ulas	6e0eda8ba4	fix(security): address multiple security findings from audit - Fix SQLCipher PRAGMA key interpolation (hex-encode key to prevent crash on single quotes) - Enforce min password length (8 chars) on admin user creation - Add length bounds on username/display_name and login inputs - Invalidate other sessions on password change - Multi-stage Docker build (exclude build tools from runtime) - Exclude docs/ from Docker image - Consolidate dotenv.config() to single entry point - Document flat family authorization model in SECURITY.md Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-03 09:11:17 +02:00
Ulas	58b9d8e0ac	chore: repository audit — fix CHANGELOG links, clean .dockerignore Fix [Unreleased] compare link (v0.5.1→v0.5.2), add missing [0.5.2] compare link, remove phantom social-preview.html from .dockerignore. Add full repo audit document. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-02 14:25:16 +02:00
Ulas	c59338fe2c	chore: repository hygiene — P2 cleanup - .gitignore: add coverage/ and data/ patterns - .dockerignore: exclude screenshots, tests, scripts, .github, docs assets from build context for faster Docker builds - Delete docs/social-preview.html (one-time generator, no longer needed) - Delete public/locales/.gitkeep (directory has de.json and en.json) - scripts/seed-demo.js: replace hardcoded absolute path with portable resolve(__dirname, '..', 'data', 'oikos.db') default - Add .github/PULL_REQUEST_TEMPLATE.md with summary, changes, checklist Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-02 14:19:27 +02:00
ulsklyc	862ba8d9d7	fix: .dockerignore + LAN port binding - Add .dockerignore to prevent host node_modules (GLIBC 2.38) from overwriting container-built binaries (GLIBC 2.36), fixing better-sqlite3 ERR_DLOPEN_FAILED crash - Bind port to 0.0.0.0 for LAN access Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-26 13:16:31 +01:00

4 Commits