CapaKraken

Hartmut/CapaKraken

Fork 0

Files

T

History

Hartmut 9ef7114c77

CI / Architecture Guardrails (pull_request) Successful in 3m49s

Details

CI / Typecheck (pull_request) Failing after 4m26s

Details

CI / Build (pull_request) Has been skipped

Details

CI / Fresh-Linux Docker Deploy (pull_request) Has been skipped

Details

CI / Lint (pull_request) Successful in 7m52s

Details

CI / Assistant Split Regression (pull_request) Successful in 9m18s

Details

CI / Unit Tests (pull_request) Successful in 11m35s

Details

CI / E2E Tests (pull_request) Has been skipped

Details

CI / Release Images (pull_request) Has been skipped

Details

security: reject common/weak passwords on every set-password path (#31 )

Adds a synchronous policy check that blocks (1) the curated >=12-char
common-password list (rockyou top, predictable seasonal, admin defaults),
(2) trivial patterns (single-char repeat, short-pattern repeat, keyboard
or numeric sequences), and (3) passwords containing the user's email
local-part or any name component. Wired into all five password-mutation
sites: first-admin setup, admin createUser/setUserPassword, invite
acceptance, and password-reset.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-18 14:02:43 +02:00

web

security: reject common/weak passwords on every set-password path (#31 )

2026-04-18 14:02:43 +02:00