Harden security, modularize API bootstrap, and fix scale SSE auth.

Browse Source

Block web access to sensitive paths, require API_TOKEN for mutations, encrypt GitHub issue credentials in .env, auto-provision tokens for same-origin clients, and pass api_token in scale relay URLs since EventSource cannot send headers.

Co-authored-by: Cursor <cursoragent@cursor.com>

...

This commit is contained in:

dadaloop82

2026-06-03 18:04:19 +00:00

parent 7104483dac

commit d33b0ca2fe

34 changed files with 1619 additions and 277 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

assets/vendor/quagga/quagga.min.js

Vendored

+4

File diff suppressed because one or more lines are too long