ferdi2go/OnlyFrames
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
27 Commits 1 Branch 0 Tags
1a2dd00bede7fd7538f7c7437366282e0a61f421
Commit Graph

12 Commits

Author SHA1 Message Date
ferdi2go ead0dd6a0f fix: cleanup only old uploads, restore fav state on tinder undo 
- #11: cleanup_old_uploads() skips dirs younger than 24h (safe during --reload)
- #12: tinderHistory stores wasFav snapshot; undo restores exact pre-swipe favorite state

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:32:17 +00:00
ferdi2go a08777d759 fix: dedup suffix format, horizon hint, JPEG export note 
- #10: filename dedup counter zero-padded (_001, _002 instead of _1, _2)
- #8: hint below auto-detect button clarifies it samples first photo only
- #9: note above export button that all output is JPEG (PNG alpha lost)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:28:10 +00:00
ferdi2go 69adfe6abb fix: disk leak, upload limit, thread safety, pydantic defaults 
- #4: background thread deletes export ZIPs older than 1h
- #5: 50 MB per-file upload limit via read(MAX+1) guard
- #6: replace _jobs .update() with atomic key assignments
- #7: ExportRequest mutable dict fields use Field(default_factory=dict)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:24:42 +00:00
ferdi2go be0a79095f security: fix path traversal, CORS auth header, session expiry 
- #1: /preview and /detect-angle now validate path is within tempdir
- #2: Add Authorization to CORS allow_headers
- #3: Sessions stored as {token: timestamp}, expire after 24h via _purge_expired_sessions()

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:22:43 +00:00
ferdi2go a194ea3dc0 fix: resolve audit failures — safe .env.example placeholder and public server binding 
- Replace sk-ant-... placeholder with non-secret string to pass secret scan
- Add .gitignore (venv, __pycache__, .env)
- Bind server to 0.0.0.0:8000 so audit HTTP check can reach it

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 14:23:20 +00:00
ferdi2go 9f44b8c4f2 chore: CLAUDE.md compliance — relative paths, CORS, README tech stack, .vch-description 
- Fix absolute API paths in index.html (/analyze, /move, /preview → relative)
- Allow all CORS origins in server.py for reverse-proxy compatibility
- Add tech stack section to README.md
- Create .vch-description for VCH Showcase

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 14:13:43 +00:00
Ferdinand 35dccd4f1b feat: show i.O. photos in review, lightbox on thumbnail click 2026-04-08 10:40:07 +02:00
Ferdinand 8a80021983 fix: use osascript for folder picker on macOS 2026-04-08 10:31:00 +02:00
Ferdinand 3dcf4bf5e8 feat: native folder picker button via tkinter 2026-04-08 10:23:21 +02:00
Ferdinand c58817becc fix: scope-check paths in /move, update anthropic SDK to 0.89.0 2026-04-07 16:28:33 +02:00
Ferdinand ccf878485d fix: restrict /preview to image extensions only 2026-04-07 13:47:36 +02:00
Ferdinand 8b50a85620 feat: FastAPI backend with /analyze, /move, /preview endpoints 2026-04-07 13:46:37 +02:00