e0bae394ee
Backend security: - Reject Gitea webhooks when webhook_secret is empty (was silently skipping) - Add slowapi rate limiting on login (5/min) and setup (3/min) endpoints - Add CORS middleware with configurable origins - Mask telegram_webhook_secret in settings API response - Protect system-owned command template configs from regular user modification - Increase minimum password length to 8 characters Backend performance: - Batch queries in _resolve_command_context (3 queries instead of 3N) - Concurrent album fetching with asyncio.gather in immich commands - Singleton Jinja2 SandboxedEnvironment (reuse instead of per-render creation) - TTLCache for rate limits (bounded memory, auto-eviction) - Optional aiohttp session reuse in send_reply/send_media_group Backend code quality: - Extract dispatch_helpers.py (shared link_data loading + event filtering) - Extract database/seeds.py from main.py (490 lines → dedicated module) - Split immich_handler.py (415 lines) into commands/immich/ subpackage - Replace bare except blocks with logged warnings - Add per-provider config validation (Pydantic models) - Truncate command input to 512 chars - Expose usage_* and desc_* slots in capabilities and variables API Frontend security: - CSS.escape() for user-controlled querySelector in highlight.ts - Client-side password min 8 chars validation on setup and password change Frontend code quality: - Replace any types with proper interfaces across top files - Decompose targets/+page.svelte into TargetForm + ReceiverSection - Fix $derived.by usage, $state mutation patterns - Add console.warn to empty catch blocks Frontend UX: - Auth redirect via goto() with "Redirecting..." state - Platform-aware Ctrl/Cmd K keyboard hint - Remove stat-card hover transform Frontend accessibility: - Modal: role=dialog, aria-modal, focus trap, restore focus - EntitySelect/IconGridSelect: listbox/option roles, aria-selected/disabled
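# Build backend for this package. hatchling is requested without a version
# constraint, so an isolated build pulls whatever release is current at build
# time; constrain it (or build from a locked environment) where release
# artifacts need to be reproducible.
[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"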
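# Package metadata and runtime dependencies of the server.
[project]
name = "notify-bridge-server"
version = "0.1.0"
description = "Standalone Notify Bridge server — FastAPI REST API with SQLite database"
requires-python = ">=3.12"
# Every requirement except apscheduler declares a lower bound only, so a fresh
# install resolves to the newest release available. Deploy from a lock or
# constraints file so the versions that were reviewed are the versions that run.
dependencies = [
    # NOTE(review): sibling package, referenced by name only. If it is not
    # published on the index the installer uses, make sure it resolves from the
    # intended source rather than from a same-named package elsewhere.
    "notify-bridge-core>=0.1.0",
    "fastapi>=0.115",
    "uvicorn[standard]>=0.32",
    "sqlmodel>=0.0.22",
    "aiosqlite>=0.20",
    # Security-sensitive pair: presumably token handling (pyjwt) and password
    # hashing (bcrypt) — confirm against the auth code.
    # NOTE(review): bcrypt only considers the first 72 bytes of a password, and
    # how longer input is handled has differed between releases; with an
    # open-ended range, check the password path against the installed version.
    "pyjwt>=2.9",
    "bcrypt>=4.2",
    "apscheduler>=3.10,<4",
    "aiohttp>=3.9",
    "pydantic-settings>=2.0",
    # Rate limiting on the login and setup endpoints.
    "slowapi>=0.1.9",
    # TTLCache for rate-limit state (bounded memory, auto-eviction).
    "cachetools>=5.3",
]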
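# Test tooling, installed only when the "dev" extra is requested; keep it out
# of production images.
[project.optional-dependencies]
dev = [
    "pytest>=8.0",
    "pytest-asyncio>=0.23",
    "httpx>=0.27",
]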
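# Console entry point: installs a `notify-bridge` command that calls `run` in
# notify_bridge_server.main.
[project.scripts]
notify-bridge = "notify_bridge_server.main:run"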
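# The wheel ships only the server package from the src/ layout.
[tool.hatch.build.targets.wheel]
packages = ["src/notify_bridge_server"]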