This website requires JavaScript.
dedc729f37
refactor: extract magic byte detection into internal/magic package
2026-03-25 17:46:40 -07:00
e34743f070
refactor: extract whitelist package from internal/imgcache (#41 )
clawbot
2026-03-25 20:44:56 +01:00
7010d55d72
Move schema_migrations table creation into 000.sql (#36 )
clawbot
2026-03-25 02:20:52 +01:00
a50364bfca
Enforce and document exact-match-only for signature verification (#40 )
clawbot
2026-03-20 23:56:45 +01:00
e85b5ff033
Consolidate appname to internal/globals as a constant (#34 )
clawbot
2026-03-20 07:04:54 +01:00
55a609dd77
Bound imageprocessor.Process input read to prevent unbounded memory use (#37 )
clawbot
2026-03-20 07:01:15 +01:00
9c29cb57df
feat: parse version prefix from migration filenames (#33 )
clawbot
2026-03-18 03:18:38 +01:00
35af9c99d5
Add µPaaS deployment setup for fsn1app1
2026-03-17 02:17:15 -07:00
e241b99d22
remove suffix matching from host whitelist
2026-03-17 01:55:19 -07:00
55bb620de0
docs: update README and config to reflect exact-match-only whitelist
2026-03-15 11:18:44 -07:00
215ddb7f72
fix: remove suffix matching from host whitelist
2026-03-15 11:18:25 -07:00
27739da046
test: add failing tests for removing suffix matching from whitelist
2026-03-15 11:18:01 -07:00
2e934c8894
fix: QA audit fixes for 1.0/MVP readiness (#25 )
clawbot
2026-03-15 17:58:13 +01:00
2f15340f26
Split Dockerfile: pre-built golangci-lint stage for faster CI (#23 )
clawbot
2026-03-02 21:09:51 +01:00
de38b03508
feat: split Dockerfile into dedicated lint and build stages
2026-03-02 00:05:52 -08:00
811c210b09
Merge pull request 'fix: Docker build failures on arm64 (closes #15 )' (#16 ) from fix/docker-multiarch-lint into main
Jeffrey Paul
2026-02-25 20:51:44 +01:00
18b6f86eec
fix: resolve all 16 lint failures — make check passes clean
2026-02-20 03:20:23 -08:00
28771144bf
ci: pin golangci-lint go install to commit hash
2026-02-20 03:08:39 -08:00
c01222a597
security: pin CI actions to commit SHAs
2026-02-20 02:58:12 -08:00
06e1cba0a9
ci: add Gitea Actions workflow for make check
2026-02-20 02:48:41 -08:00
5ca64a37ce
fix: detect architecture for golangci-lint download in Docker build
2026-02-25 06:12:47 -08:00
118bca1151
Merge pull request 'bring repo into compliance with repo policies' (#14 ) from chore/repo-compliance into main
Jeffrey Paul
2026-02-25 14:52:56 +01:00
85729d9181
fix: update Dockerfile to Go 1.25.4 and resolve gosec lint findings
2026-02-25 05:44:49 -08:00
a1c0ae0a44
fix: auto-detect native deps, skip nix-shell in Docker
sneak
2026-02-25 20:11:02 +07:00
429926fb71
chore: use nix-shell for CGO-dependent Makefile targets
sneak
2026-02-25 20:08:04 +07:00
ce6db7627d
fix: resolve all golangci-lint errors
sneak
2026-02-25 19:58:37 +07:00
454de2f170
fix: restore original whitelist hosts in config.example.yml
sneak
2026-02-25 19:53:23 +07:00
133d9e5a4a
chore: consolidate duplicate example config files
sneak
2026-02-25 19:48:03 +07:00
73f1073d61
chore: restructure README with required policy sections
sneak
2026-02-25 19:47:34 +07:00
d0fe5e7334
chore: pin Docker images by hash and run make check in build
sneak
2026-02-25 19:47:14 +07:00
c4fc1e1548
chore: update .dockerignore to policy standards
sneak
2026-02-25 18:22:35 +07:00
39fa0a5d05
chore: update .gitignore to policy standards
sneak
2026-02-25 18:22:33 +07:00
2f53b49a88
chore: add Gitea Actions CI workflow
sneak
2026-02-25 18:22:24 +07:00
ce360880f7
chore: add REPO_POLICIES.md from prompts repo
sneak
2026-02-25 18:22:19 +07:00
9d71fabdd7
chore: add GPL-3.0 LICENSE file
sneak
2026-02-25 18:22:13 +07:00
8a2b630864
chore: add .editorconfig
sneak
2026-02-25 18:18:06 +07:00
0000188265
chore: add hooks target and 30s test timeout to Makefile
sneak
2026-02-25 18:18:00 +07:00
f702e64139
Merge pull request 'chore: remove local dev config files' (#12 ) from chore/remove-stale-files into main
Jeffrey Paul
2026-02-20 12:05:28 +01:00
c4368b1541
chore: remove local dev config files
2026-02-20 02:59:30 -08:00
2fb36c5ccb
Merge pull request 'fix: propagate AllowHTTP to SourceURL() scheme selection (closes #1 )' (#6 ) from fix/issue-1 into main
Jeffrey Paul
2026-02-09 01:41:31 +01:00
40c4b53b01
fix: propagate AllowHTTP to SourceURL() scheme selection
2026-02-08 15:58:02 -08:00
b800ef86d8
Merge pull request 'fix: check negative cache in Service.Get() before fetching upstream (closes #3 )' (#8 ) from fix/issue-3 into main
Jeffrey Paul
2026-02-09 01:32:26 +01:00
3d857da237
Merge branch 'main' into fix/issue-3
Jeffrey Paul
2026-02-09 01:32:17 +01:00
46a92c3514
Merge pull request 'fix: correct Stats() column scanning and HitRate computation (closes #4 )' (#9 ) from fix/issue-4 into main
Jeffrey Paul
2026-02-09 01:31:18 +01:00
39354e41c3
Merge branch 'main' into fix/issue-4
Jeffrey Paul
2026-02-09 01:31:03 +01:00
d1eff1315b
Merge pull request 'fix: encode source query in GenerateSignedURL to avoid malformed URLs (closes #2 )' (#7 ) from fix/issue-2 into main
Jeffrey Paul
2026-02-09 01:30:51 +01:00
814c735295
Merge branch 'main' into fix/issue-2
Jeffrey Paul
2026-02-09 01:29:07 +01:00
7ce6f81d8d
Merge pull request 'fix: guard against division by zero when fetchBytes is 0 (closes #5 )' (#10 ) from fix/issue-5 into main
Jeffrey Paul
2026-02-09 01:05:24 +01:00
e651e672aa
fix: check negative cache in Service.Get() before fetching upstream
2026-02-08 15:59:00 -08:00
79ceed2ee4
fix: guard against division by zero when fetchBytes is 0
2026-02-08 15:59:51 -08:00
e3b346e881
fix: correct Stats() to scan only hit/miss counts, compute HitRate properly
2026-02-08 15:59:27 -08:00
0ff3071337
fix: encode source query in GenerateSignedURL to avoid malformed URLs
2026-02-08 15:58:32 -08:00
be293906bc
Add type-safe hash types for cache storage
sneak
2026-01-08 16:55:20 -08:00
555f150179
Add additional hosts to dev whitelist
sneak
2026-01-08 16:14:05 -08:00
87a8393537
Change encrypted URL format to /v1/e/{token}/img.{ext}
sneak
2026-01-08 16:14:01 -08:00
6ab0d4a5b9
Simplify log source to file.go:line format
sneak
2026-01-08 16:13:56 -08:00
982accd549
Suppress verbose vips logging output
sneak
2026-01-08 16:13:52 -08:00
3849128c45
Remove runtime nil checks for always-initialized components
sneak
2026-01-08 15:58:44 -08:00
02dedd433b
Require signing_key at startup, add default config
sneak
2026-01-08 15:48:37 -08:00
d2e2e319be
Create /var/lib/pixa directory in Docker image for database/cache
sneak
2026-01-08 15:34:48 -08:00
fc49e69d8b
Add make devserver target for local Docker development
sneak
2026-01-08 15:19:27 -08:00
78f844fca5
Switch to govips for native CGO image processing
sneak
2026-01-08 15:16:34 -08:00
4b2d85010e
Add two-stage Dockerfile with CGO support
sneak
2026-01-08 15:05:49 -08:00
467237c849
Add AVIF option to URL generator
sneak
2026-01-08 13:12:51 -08:00
ca4446e10a
Implement AVIF encoding support
sneak
2026-01-08 13:12:34 -08:00
32f9166ece
Add failing test for AVIF encoding
sneak
2026-01-08 13:11:12 -08:00
1bdf0a9424
Implement AVIF decoding support
sneak
2026-01-08 13:10:34 -08:00
615586fcea
Add failing test for AVIF decoding
sneak
2026-01-08 13:09:40 -08:00
9bfae69ccf
Fix logging: add response_bytes to middleware, cache_key to handler
sneak
2026-01-08 13:05:10 -08:00
e5135b3697
Add 1-minute expiration option and quality presets to URL generator
sneak
2026-01-08 12:52:14 -08:00
77c6744383
Add upstream connection info and download metrics to logging
sneak
2026-01-08 12:47:31 -08:00
7d0ac0a139
Remove Buildarch from ldflags, use runtime.GOARCH instead
sneak
2026-01-08 12:38:24 -08:00
15d9439e3d
Add fetch/conversion metrics and improve logging
sneak
2026-01-08 12:34:26 -08:00
4426387d1c
Fix hot cache to include ContentType and SizeBytes
sneak
2026-01-08 12:28:17 -08:00
51a1ae4a13
Add failing test for hot cache ContentType
sneak
2026-01-08 12:25:01 -08:00
10b5cc7063
Fix proportional scaling when single dimension is 0
sneak
2026-01-08 12:20:58 -08:00
817d760b4d
Add failing tests for proportional scaling
sneak
2026-01-08 12:20:19 -08:00
70d55977c0
Add WebP encoding support
sneak
2026-01-08 11:55:45 -08:00
0c9eb35bd2
Add failing test for WebP encoding support
sneak
2026-01-08 11:54:03 -08:00
aab43db44a
Add WebP and AVIF encoding support to P0 TODO
sneak
2026-01-08 11:12:59 -08:00
064ab10607
Add no-silent-fallback rule to CLAUDE.md
sneak
2026-01-08 11:08:33 -08:00
37af10cc2b
Update generator form for supported formats and Never expiry
sneak
2026-01-08 11:08:28 -08:00
b55b75cbe7
Fix silent fallbacks for unsupported formats and fit modes
sneak
2026-01-08 11:08:22 -08:00
df6d347e68
Add tests for unsupported output format errors
sneak
2026-01-08 11:08:16 -08:00
014c144d73
Add 'Never' expiry option for encrypted URLs
sneak
2026-01-08 11:08:11 -08:00
d9f4e2038e
Add manual test script for auth and encrypted URLs
sneak
2026-01-08 10:53:02 -08:00
b233871241
Add detailed logging for image conversions on cache miss
sneak
2026-01-08 10:44:34 -08:00
02de534cc2
Reorganize TODO.md: remove completed, prioritize for 1.0
sneak
2026-01-08 10:41:00 -08:00
d8bb374f73
Merge feature/http-response-handling: ETag, HEAD, conditional requests
sneak
2026-01-08 10:09:14 -08:00
774ee97ba1
Update TODO.md: mark HTTP response handling items complete
sneak
2026-01-08 10:09:10 -08:00
1f809a6fc9
Implement ETag, HEAD requests, and conditional requests
sneak
2026-01-08 10:08:38 -08:00
4df3e44eff
Add failing tests for ETag, HEAD requests, and conditional requests
sneak
2026-01-08 10:06:18 -08:00
aed9dd6e8d
Merge feature/graceful-shutdown-and-sanitization: Add security headers middleware
sneak
2026-01-08 10:02:34 -08:00
6f423af65d
Update TODO.md: mark graceful shutdown and sanitization as complete
sneak
2026-01-08 10:02:29 -08:00
2e349a8b83
Implement security headers middleware
sneak
2026-01-08 10:02:17 -08:00
5de7a26735
Add failing tests for security headers middleware
sneak
2026-01-08 10:01:36 -08:00
9592175238
Merge feature/security-validations: Add input dimension and path traversal validation
sneak
2026-01-08 08:50:43 -08:00
90be4e7763
Update TODO.md: mark security validations as complete
sneak
2026-01-08 08:50:37 -08:00
95408e68d4
Implement max input dimensions and path traversal validation
sneak
2026-01-08 08:50:18 -08:00
c964feac7e
Add failing tests for input dimension and path traversal validation
sneak
2026-01-08 08:48:11 -08:00
user
clawbot
clawbot
Jeffrey Paul
clawbot
clawbot
clawbot
clawbot