alexei.dolgolyov/web-app-launcher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
26 Commits 3 Branches 1 Tag
54a30ca4caf60869a01b2a987ef9835c86caf4b8
Commit Graph

2 Commits

Author SHA1 Message Date
alexei.dolgolyov 395ed821b7 fix: address all final review findings for Phase 3 
- CRITICAL: Fix command injection in discoveryService (execFile instead
  of exec, path validation regex)
- CRITICAL: Add Zod validation on discover API endpoint
- HIGH: Add Zod validation on discover/approve endpoint
- HIGH: Add array length limits to import schema (1000/100/100)
- HIGH: Fix theme broadcast echo loop (setTimeout vs queueMicrotask)
- MEDIUM: Singleton BroadcastChannel instead of create-per-send
- MEDIUM: Exclude sensitive APIs from service worker cache
- MEDIUM: Fix TypeScript cast errors in exportService tests
 2026-03-25 01:28:24 +03:00
alexei.dolgolyov dd6958b4d6 feat(phase3): PWA, auto-discovery, bookmarklet, multi-tab sync 
- PWA: manifest, service worker (cache-first static, network-first API),
  offline page, install prompt banner
- Auto-discovery: Docker socket + Traefik API scanning, approval UI
- Quick-add bookmarklet: popup-based add page, favicon auto-detect
- Multi-tab sync: BroadcastChannel for theme + data changes
- i18n translations for all new strings (EN/RU)
 2026-03-25 00:59:19 +03:00