2026-01-24 22:59:20 +00:00
|
|
|
<template>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<BaseModal :show="showUpdatePrompt" title="Update Available" z-index="z-[9999]" @close="dismissUpdate">
|
2026-02-17 22:10:38 +00:00
|
|
|
<p class="text-white/80 mb-6">
|
|
|
|
|
A new version of Archipelago is available. Update now to get the latest features and fixes.
|
|
|
|
|
</p>
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
<template #footer>
|
|
|
|
|
<div class="flex gap-3 justify-end">
|
|
|
|
|
<button
|
|
|
|
|
@click="dismissUpdate"
|
|
|
|
|
class="px-4 py-2 glass-button rounded-lg text-sm font-medium"
|
|
|
|
|
>
|
|
|
|
|
Later
|
|
|
|
|
</button>
|
|
|
|
|
<button
|
|
|
|
|
@click="handleUpdate"
|
|
|
|
|
class="px-4 py-2 glass-button glass-button-sm rounded-lg text-sm font-medium"
|
|
|
|
|
>
|
|
|
|
|
Update Now
|
|
|
|
|
</button>
|
|
|
|
|
</div>
|
|
|
|
|
</template>
|
|
|
|
|
</BaseModal>
|
2026-01-24 22:59:20 +00:00
|
|
|
</template>
|
|
|
|
|
|
|
|
|
|
<script setup lang="ts">
|
|
|
|
|
import { ref, onMounted } from 'vue'
|
security+feat: v1.3.0 — pentest remediation, container reliability, UI overhaul
Security (33 pentest findings addressed):
- CRITICAL: backend binds 127.0.0.1, path traversal in tor.rs/dwn fixed
- HIGH: federation requires signatures, XSS login redirect, RBAC viewer restricted
- HIGH: tar slip prevention, S3 SSRF validation, backup ID validation
- MEDIUM: remember-me random secret, TOTP session rotation, password re-auth
- LOW: CSP unsafe-inline removed, CORS dev-only, onion/webhook validation
Container reliability:
- Memory limits on all 37 containers (OOM prevention)
- Exited vs stopped state distinction with health-aware status badges
- Crash recovery coordination (no more restart cascade)
- User-stopped tracking survives reboots
- Tiered boot recovery (databases → core → services → apps)
UI:
- Wallet TransactionsModal, health-aware app status badges
- Restart button on containers, exited/crashed red state
- Mesh view overhaul, glass button updates, BaseModal/ToggleSwitch
- Apps sticky header removed, dev faucet, mutable mock wallet
Infrastructure:
- LND REST port 8080 exposed over Tor (LND Connect fix)
- Nginx cookie_session fix, deploy script Tor config updated
- Dev environment: podman auto-start, boot mode simulation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 12:44:31 +00:00
|
|
|
import BaseModal from '@/components/BaseModal.vue'
|
2026-01-24 22:59:20 +00:00
|
|
|
|
|
|
|
|
const showUpdatePrompt = ref(false)
|
|
|
|
|
let updateCallback: (() => Promise<void>) | null = null
|
|
|
|
|
|
|
|
|
|
onMounted(() => {
|
|
|
|
|
// Listen for service worker updates
|
|
|
|
|
if ('serviceWorker' in navigator) {
|
|
|
|
|
navigator.serviceWorker.addEventListener('controllerchange', () => {
|
|
|
|
|
// Service worker updated, reload the page
|
|
|
|
|
window.location.reload()
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Check for updates periodically
|
|
|
|
|
const checkForUpdates = async () => {
|
|
|
|
|
const registration = await navigator.serviceWorker.getRegistration()
|
|
|
|
|
if (registration) {
|
|
|
|
|
await registration.update()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check for updates every 5 minutes
|
|
|
|
|
setInterval(checkForUpdates, 5 * 60 * 1000)
|
|
|
|
|
|
2026-02-17 22:10:38 +00:00
|
|
|
// Check when user returns to tab (helps with cached PWA)
|
|
|
|
|
document.addEventListener('visibilitychange', () => {
|
|
|
|
|
if (document.visibilityState === 'visible') {
|
|
|
|
|
checkForUpdates()
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
2026-01-24 22:59:20 +00:00
|
|
|
// Listen for updatefound event
|
|
|
|
|
navigator.serviceWorker.getRegistration().then((registration) => {
|
|
|
|
|
if (registration) {
|
|
|
|
|
registration.addEventListener('updatefound', () => {
|
|
|
|
|
const newWorker = registration.installing
|
|
|
|
|
if (newWorker) {
|
|
|
|
|
newWorker.addEventListener('statechange', () => {
|
|
|
|
|
if (newWorker.state === 'installed' && navigator.serviceWorker.controller) {
|
|
|
|
|
// New service worker installed, show update prompt
|
|
|
|
|
showUpdatePrompt.value = true
|
|
|
|
|
updateCallback = async () => {
|
|
|
|
|
if (newWorker.state === 'installed' && registration.waiting) {
|
|
|
|
|
// Skip waiting and activate the new service worker
|
|
|
|
|
registration.waiting.postMessage({ type: 'SKIP_WAITING' })
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
function dismissUpdate() {
|
|
|
|
|
showUpdatePrompt.value = false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function handleUpdate() {
|
|
|
|
|
if (updateCallback) {
|
|
|
|
|
await updateCallback()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
</script>
|