Root repo: CLAUDE.md, _template, server.js, scripts, deploy scripts
posimai d6f7b487d0 fix: security hardening for commercial release
- Fix OAuth (Google/GitHub) DB column bug: SELECT id → SELECT user_id
- Add OAuth CSRF protection via state parameter (Google + GitHub)
- Restrict /health endpoint: detailed info requires authentication
- Add in-memory rate limiter utility (checkRateLimit)
- Add rate limit to passkey login/begin: 10 req/min per IP
- Add rate limit to Gemini AI analysis: 50 articles/hour per user
- Add rate limit to journal suggest-tags: 10 req/hour per user
- Update posimai-dev /api/vps-health proxy to send VPS_API_KEY header

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 23:04:20 +09:00
_template chore: initial backup of root config, templates, and server source 2026-03-17 17:19:20 +09:00
_template-minimal feat: add posimai-ui design system, update template and docs 2026-03-19 10:10:11 +09:00
docs docs: update Chronicle data sources, add Ubuntu PC to architecture 2026-03-31 14:15:26 +09:00
posimai-dev fix: security hardening for commercial release 2026-04-04 23:04:20 +09:00
posimai-log@40dace3ddd feat: diary VPS cloud sync — generate-post fetches from VPS, memory-push.sh HOME fix 2026-04-03 15:53:26 +09:00
scripts feat: diary VPS cloud sync — generate-post fetches from VPS, memory-push.sh HOME fix 2026-04-03 15:53:26 +09:00
tools/posimai-scribe feat: diary VPS cloud sync — generate-post fetches from VPS, memory-push.sh HOME fix 2026-04-03 15:53:26 +09:00
.gitignore fix: security hardening - XSS, SSRF, proxy auth, Syncthing config 2026-04-03 08:15:45 +09:00
.stignore fix: security hardening - XSS, SSRF, proxy auth, Syncthing config 2026-04-03 08:15:45 +09:00
AGENTS.md docs: compress CLAUDE.md/AGENTS.md — remove redundancy, ~40% token reduction 2026-04-04 16:36:38 +09:00
APP_IDEAS.md docs: add APP_IDEAS.md, reference in CLAUDE/AGENTS, fix ponshu APK link 2026-03-22 13:27:56 +09:00
CLAUDE.md docs: compress CLAUDE.md/AGENTS.md — remove redundancy, ~40% token reduction 2026-04-04 16:36:38 +09:00
claude-settings.json chore: allow Write and Edit tools in settings 2026-03-19 10:02:47 +09:00
create-app.sh feat: add create-app.sh, _template-minimal, update deploy-server.sh (passwordless), update CLAUDE.md 2026-03-17 22:13:39 +09:00
deploy-edge.sh fix: add --no-verify-jwt to together-archive deploy for Database Webhook auth 2026-04-04 21:05:46 +09:00
deploy-server.sh fix: update deploy-server.sh to target VPS instead of Synology 2026-03-25 23:23:31 +09:00
package.json feat: add deploy-dev.sh — scp + restart bypasses Syncthing lag 2026-04-02 19:34:51 +09:00
server.js fix: security hardening for commercial release 2026-04-04 23:04:20 +09:00