Nexus

Hartmut/Nexus

Fork 0

Commit Graph

Author	SHA1	Message	Date
Hartmut	b41c1d2501	rename(phase 1): CapaKraken → Nexus across code, UI, docs, CI (#61 ) CI / Architecture Guardrails (push) Successful in 2m38s Details CI / Assistant Split Regression (push) Successful in 3m33s Details CI / Typecheck (push) Successful in 3m51s Details CI / Lint (push) Successful in 5m2s Details CI / E2E Tests (push) Has been cancelled Details CI / Fresh-Linux Docker Deploy (push) Has been cancelled Details CI / Release Images (push) Has been cancelled Details CI / Build (push) Has been cancelled Details CI / Unit Tests (push) Has been cancelled Details rename(phase 1): CapaKraken → Nexus across code, UI, docs, CI (#61) Co-authored-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com> Co-committed-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com>	2026-05-21 16:28:40 +02:00
Hartmut	c4b01c1bfc	security: workbook path allowlist + stronger image polyglot validation (#54 ) - dispo workbook imports are pinned to DISPO_IMPORT_DIR (default ./imports): tRPC input rejects absolute paths and .. segments, runtime reader re-validates containment via path.relative. Closes a path-traversal class that reached ExcelJS CVEs through admin/compromised tokens. - image validator now checks the full 8-byte PNG magic, enforces PNG IEND and JPEG EOI trailers, scans the decoded buffer for markup polyglot markers (<script, <svg, <iframe, javascript:, onerror=, ...), and explicitly rejects SVG. Provider-generated covers (DALL-E, Gemini) run through the same validator before persistence — an untrusted upstream cannot smuggle a stored-XSS payload past us. - added image-validation.test.ts and tightened documentation. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-17 15:26:29 +02:00
Hartmut	1d3f1a007f	refactor(api): extract dispo procedures	2026-03-31 20:32:59 +02:00

Author

SHA1

Message

Date

Hartmut

b41c1d2501

rename(phase 1): CapaKraken → Nexus across code, UI, docs, CI (#61 )

CI / Architecture Guardrails (push) Successful in 2m38s

Details

CI / Assistant Split Regression (push) Successful in 3m33s

Details

CI / Typecheck (push) Successful in 3m51s

Details

CI / Lint (push) Successful in 5m2s

Details

CI / E2E Tests (push) Has been cancelled

Details

CI / Fresh-Linux Docker Deploy (push) Has been cancelled

Details

CI / Release Images (push) Has been cancelled

Details

CI / Build (push) Has been cancelled

Details

CI / Unit Tests (push) Has been cancelled

Details

rename(phase 1): CapaKraken → Nexus across code, UI, docs, CI (#61)

Co-authored-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com>
Co-committed-by: Hartmut Nörenberg <hn@hartmut-noerenberg.com>

2026-05-21 16:28:40 +02:00

Hartmut

c4b01c1bfc

security: workbook path allowlist + stronger image polyglot validation (#54 )

- dispo workbook imports are pinned to DISPO_IMPORT_DIR (default ./imports):
  tRPC input rejects absolute paths and .. segments, runtime reader
  re-validates containment via path.relative. Closes a path-traversal
  class that reached ExcelJS CVEs through admin/compromised tokens.
- image validator now checks the full 8-byte PNG magic, enforces PNG IEND
  and JPEG EOI trailers, scans the decoded buffer for markup polyglot
  markers (<script, <svg, <iframe, javascript:, onerror=, ...), and
  explicitly rejects SVG. Provider-generated covers (DALL-E, Gemini) run
  through the same validator before persistence — an untrusted upstream
  cannot smuggle a stored-XSS payload past us.
- added image-validation.test.ts and tightened documentation.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-17 15:26:29 +02:00

Hartmut

1d3f1a007f

refactor(api): extract dispo procedures

2026-03-31 20:32:59 +02:00

3 Commits