curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0af5e8cc24b22478ca65bf6bb417fd4e277561e4
Business-Management/changelog
T
History
curo1305 0af5e8cc24 Harden JWT: 8-hour expiry, add JWT vulnerability checks 
- Reduce ACCESS_TOKEN_EXPIRE_MINUTES from 24h to 8h (no permanent sessions)
- Add JWT_PATTERNS to security_check.py: algorithm=none, verify_exp=False,
  multi-day timedelta, oversized EXPIRE_MINUTES, hardcoded secret
- Add JWT security checklist to security-auditor agent
- Document auth/session security items in TODO.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-13 22:54:53 +02:00
..
2026-04-12_docker-fixes.md
Fix Docker build: lockfile, BuildKit DNS, and setuptools build backend
2026-04-12 15:40:18 +02:00
2026-04-12_dockerize.md
Dockerize backend, frontend, and database into separate containers
2026-04-12 15:22:04 +02:00
2026-04-12_initial-scaffold.md
Add README, changelog directory, and changelog convention to CLAUDE.md
2026-04-12 15:14:44 +02:00
2026-04-12_proxy-fix-success-pages.md
Fix Vite proxy inside Docker and add success pages
2026-04-12 16:12:35 +02:00
2026-04-12_security-validation.md
Add test user seed, password validation, and pre-commit security hook
2026-04-12 15:54:23 +02:00
2026-04-12_troubleshooting.md
Fix dev stack startup: seed path, missing migration, passlib/bcrypt incompatibility
2026-04-12 16:03:03 +02:00
2026-04-13_jwt-expiry.md
Harden JWT: 8-hour expiry, add JWT vulnerability checks
2026-04-13 22:54:53 +02:00
2026-04-13_penpot-decision.md
Switch UX/UI tooling to self-hosted Penpot; add setup checklist
2026-04-13 22:07:44 +02:00
2026-04-13_profile-sanitization.md
Add profile feature, input sanitization, and stronger security checks
2026-04-13 18:15:47 +02:00
2026-04-13_rootless-containers.md
Align all app containers to UID 1001, add infra protocol, update README
2026-04-13 17:29:02 +02:00