0e0c97c203
Architecture review (all P0+P1 issues now fixed): - Add 10s timeout to 6 bare Nostr client.connect() calls - Pin all 12 crypto deps to exact versions from Cargo.lock - Pin all 15 floating container image tags to exact patch versions - Add CI pipeline (cargo fmt + clippy + tests, frontend type-check + build) Self-update system (git.tx1138.com): - scripts/self-update.sh: pull, build, install, restart with rollback - systemd timer checks daily at 3 AM - update.check RPC does git-based checks when repo is present - update.git-apply RPC triggers self-update from UI - Default update URL changed from GitHub to git.tx1138.com - Git added to ISO package list for fresh installs Documentation: - CHANGELOG v1.3.1 with all changes - README updated (version, update system section) - BETA-PROGRESS session #6 logged - architecture-review.html: 4 issues marked FIXED, 8/12 refactoring done Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
17 lines
759 B
JSON
17 lines
759 B
JSON
{
|
|
"version": "1.3.0",
|
|
"release_date": "2026-03-25",
|
|
"changelog": [
|
|
"Architecture review: all P0 and P1 issues fixed",
|
|
"Nostr connection timeouts (10s) on all relay calls — prevents indefinite hangs",
|
|
"All crypto dependencies pinned to exact versions (supply chain hardening)",
|
|
"All container images pinned to exact patch versions (reproducible installs)",
|
|
"CI pipeline: cargo fmt + clippy + tests, frontend type-check + build",
|
|
"Update system now fetches from git.tx1138.com (self-hosted Gitea)",
|
|
"Full penetration test remediation (33 findings, all addressed)",
|
|
"Rootless Podman: all 30 containers run without root",
|
|
"CSRF fix, Argon2id migration, RBAC hardening, session token rotation"
|
|
],
|
|
"components": []
|
|
}
|