Adil Hafeez
|
ce5a221b11
|
Fix code scanning and dependabot security alerts
Code scanning fixes (14 alerts):
- Fix XSS in OG image route by validating request origin against allowlist
- Fix incomplete URL sanitization in blog layout using exact hostname matching
- Bind port-check socket to 127.0.0.1 instead of 0.0.0.0
- Add explicit permissions to 7 GitHub Actions workflows
Dependabot fixes:
- Update @isaacs/brace-expansion 5.0.0 -> 5.0.1 (CVE-2026-25547)
- Update bytes 1.10.1 -> 1.11.1 (CVE-2026-25541)
- Update time 0.3.41 -> 0.3.47 (CVE-2026-25727)
- Update cryptography 45.0.7 -> 46.0.5 (CVE-2026-26007)
- Update python-multipart 0.0.20 -> 0.0.22 (CVE-2026-24486)
- Update urllib3 2.6.2 -> 2.6.3 in test lockfiles (CVE-2026-21441)
- Update Werkzeug 3.1.4 -> 3.1.5 (CVE-2026-21860)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
2026-02-14 04:29:08 +00:00 |
|
Adil Hafeez
|
88d14a205b
|
restructure cli (#656)
|
2025-12-25 14:55:29 -08:00 |
|
Adil Hafeez
|
e7ce00b5a7
|
rename cli to plano (#647)
|
2025-12-23 18:37:58 -08:00 |
|
Adil Hafeez
|
6d6c03a7e8
|
fix docker hub release tag source image name (#468)
|
2025-04-16 13:08:43 -07:00 |
|
Adil Hafeez
|
3eb438550a
|
fix source name for docker images (#467)
|
2025-04-16 12:24:17 -07:00 |
|
Adil Hafeez
|
e17d5fb2eb
|
test docker rel (#466)
|
2025-04-16 12:18:03 -07:00 |
|
Adil Hafeez
|
3cda4d6b69
|
fix docker hub tag (#465)
|
2025-04-16 11:46:12 -07:00 |
|
Adil Hafeez
|
ceca553399
|
fix release image (#464)
|
2025-04-16 11:34:45 -07:00 |
|
Adil Hafeez
|
09c9d3706e
|
publish docker release images (#422)
* add release docker publish
* more testing
* fix more
|
2025-03-04 14:16:03 -08:00 |
|