From 9ff44b7e65d430d8e621dac14e3cd69b807dc020 Mon Sep 17 00:00:00 2001
From: sneak <sneak@sneak.berlin>
Date: Thu, 8 Jan 2026 03:02:24 -0800
Subject: [PATCH] Update TODO.md with completed core features

---
 TODO.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/TODO.md b/TODO.md
index f9d9086..86e6fa3 100644
--- a/TODO.md
+++ b/TODO.md
@@ -17,13 +17,13 @@ A single linear checklist of tasks to implement the complete pixa caching image
 - [x] Verify basic server starts and healthcheck works
 
 ## Core Image Proxy Features
-- [ ] Implement URL parsing for `/v1/image/<host>/<path>/<size>.<format>`
-- [ ] Implement upstream HTTP client with TLS verification
-- [ ] Implement SSRF protection (block private/internal IPs)
-- [ ] Implement source host whitelist checking
-- [ ] Implement HMAC-SHA256 signature generation
-- [ ] Implement HMAC-SHA256 signature verification
-- [ ] Implement signature expiration checking
+- [x] Implement URL parsing for `/v1/image/<host>/<path>/<size>.<format>`
+- [x] Implement upstream HTTP client with TLS verification
+- [x] Implement SSRF protection (block private/internal IPs)
+- [x] Implement source host whitelist checking
+- [x] Implement HMAC-SHA256 signature generation
+- [x] Implement HMAC-SHA256 signature verification
+- [x] Implement signature expiration checking
 - [ ] Implement upstream fetch with timeout and size limits
 - [ ] Implement Content-Type validation (whitelist MIME types)
 - [ ] Implement magic byte verification