ferdi2go/OnlyFrames
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
24 Commits 1 Branch 0 Tags
69adfe6abb055482725cf2371a74ae4fc4197cd0
Commit Graph

10 Commits

Author SHA1 Message Date
ferdi2go 69adfe6abb fix: disk leak, upload limit, thread safety, pydantic defaults 
- #4: background thread deletes export ZIPs older than 1h
- #5: 50 MB per-file upload limit via read(MAX+1) guard
- #6: replace _jobs .update() with atomic key assignments
- #7: ExportRequest mutable dict fields use Field(default_factory=dict)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:24:42 +00:00
ferdi2go be0a79095f security: fix path traversal, CORS auth header, session expiry 
- #1: /preview and /detect-angle now validate path is within tempdir
- #2: Add Authorization to CORS allow_headers
- #3: Sessions stored as {token: timestamp}, expire after 24h via _purge_expired_sessions()

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-23 12:22:43 +00:00
ferdi2go a194ea3dc0 fix: resolve audit failures — safe .env.example placeholder and public server binding 
- Replace sk-ant-... placeholder with non-secret string to pass secret scan
- Add .gitignore (venv, __pycache__, .env)
- Bind server to 0.0.0.0:8000 so audit HTTP check can reach it

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 14:23:20 +00:00
ferdi2go 9f44b8c4f2 chore: CLAUDE.md compliance — relative paths, CORS, README tech stack, .vch-description 
- Fix absolute API paths in index.html (/analyze, /move, /preview → relative)
- Allow all CORS origins in server.py for reverse-proxy compatibility
- Add tech stack section to README.md
- Create .vch-description for VCH Showcase

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 14:13:43 +00:00
Ferdinand 35dccd4f1b feat: show i.O. photos in review, lightbox on thumbnail click 2026-04-08 10:40:07 +02:00
Ferdinand 8a80021983 fix: use osascript for folder picker on macOS 2026-04-08 10:31:00 +02:00
Ferdinand 3dcf4bf5e8 feat: native folder picker button via tkinter 2026-04-08 10:23:21 +02:00
Ferdinand c58817becc fix: scope-check paths in /move, update anthropic SDK to 0.89.0 2026-04-07 16:28:33 +02:00
Ferdinand ccf878485d fix: restrict /preview to image extensions only 2026-04-07 13:47:36 +02:00
Ferdinand 8b50a85620 feat: FastAPI backend with /analyze, /move, /preview endpoints 2026-04-07 13:46:37 +02:00