cqrenet/aoc
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 29 Wiki Activity
Files
7fe53f882a5f1901dc9d07ebb704dfbd0ef20bb6
aoc/backend/routes
History
Tomas Kracmar d01e7801ed
All checks were successful
CI / lint-and-test (push) Successful in 51s
Details
Release / build-and-push (push) Successful in 1m57s
Details
security: v1.7.7 hardening release 
- Add WEBHOOK_CLIENT_SECRET validation for Graph webhooks
- Add Redis-backed rate limiting (fetch/ask/write/default tiers)
- Validate LLM_BASE_URL to prevent SSRF (HTTPS only, block private IPs)
- Enforce non-wildcard CORS when AUTH_ENABLED=true
- Add Content-Security-Policy headers
- Fix audit middleware to use verified JWT claims via contextvars
- Cap bulk_tags updates to 10,000 documents
- Return generic error messages to clients (no internal detail leakage)
- Strict AlertCondition Pydantic model for alert rules
- Security warning on MCP stdio server startup
- Remove MongoDB/Redis host ports from docker-compose
- Remove mongo_query from /ask API response
2026-04-27 09:16:57 +02:00
..
alerts.py
feat: Admin Operations SIEM — alerts, notifications, pre-built rules
2026-04-22 14:12:36 +02:00
ask.py
security: v1.7.7 hardening release
2026-04-27 09:16:57 +02:00
config.py
feat: clickable pills, configurable page size, CQRE.NET branding
2026-04-22 11:53:01 +02:00
events.py
security: v1.7.7 hardening release
2026-04-27 09:16:57 +02:00
fetch.py
security: v1.7.7 hardening release
2026-04-27 09:16:57 +02:00
health.py
style: apply ruff formatting to all backend files
2026-04-16 18:58:41 +02:00
jobs.py
feat: Redis caching + async queue for LLM scaling (v1.6.0)
2026-04-22 09:55:05 +02:00
mcp.py
feat: MCP server over SSE with OIDC auth
2026-04-21 07:38:12 +02:00
rules.py
feat: implement Phase 4 enhancements
2026-04-14 15:38:39 +02:00
saved_searches.py
feat: saved searches (bookmarks)
2026-04-22 07:04:07 +02:00
webhooks.py
security: v1.7.7 hardening release
2026-04-27 09:16:57 +02:00