- Added SRI hash injection during frontend build to improve security.
- Updated ESLint configuration to include 'navigator' as a global variable.
- Introduced a new `settingsStore` to manage user preferences for asset verification.
- Enhanced `SoftwareCard` and `VerificationModal` components to display contributor information and security checks.
- Updated `verificationStore` to handle expanded toast notifications for detailed verification steps.
- Implemented a new `CodeBlock` component for displaying code snippets with syntax highlighting.
- Improved API documentation and added new endpoints for fetching software and asset details.
- Introduced a new verification system for asset downloads, allowing users to choose whether to verify assets before downloading.
- Added a `VerificationModal` component to handle the verification process and user preferences.
- Implemented a `verificationStore` to manage the state of verification toasts and progress.
- Updated `SoftwareCard` to trigger background verification based on user preferences stored in local storage.
- Created `VerificationToasts` component to display real-time verification status and progress.
- Enhanced the WASM verifier integration to support the new verification workflow.
- Introduced loadVerifier function to load the WASM verifier from the server.
- Added verifyAsset function to validate asset data against an expected SHA256 hash using the loaded verifier.
- Ensured compatibility with server-side rendering by checking for the window object.
- Implemented computeSHA256 function to generate hex-encoded SHA256 hashes.
- Added verifySHA256 function to validate input data against expected hash in a WebAssembly context.
- Created main_test.go to include unit tests for computeSHA256 with various input cases.
- Integrated a new VerificationModal component to handle asset verification.
- Updated SoftwareCard to manage download verification state and trigger the modal.
- Added WASM execution script and binary for client-side verification.
- Included necessary imports and state management for verification process in SoftwareCard.
- Enhanced app.html to load the WASM execution script.
- Added global variables: MouseEvent, Blob, WebAssembly, Uint8Array, ArrayBuffer, and URL.
- Updated the ignore patterns to include 'static/**' in the ESLint configuration.
- Added new targets for building and testing the WASM verifier.
- Updated the 'all' target to include 'build-wasm'.
- Modified 'build-frontend' to depend on 'build-wasm'.
- Introduced 'test-wasm' for running tests on the WASM verifier.
- Clean target now removes WASM output directory.
- Modified the ALLOWED_ORIGINS environment variable in docker-compose.coolify.yaml to remove the default fallback to '*', ensuring it only uses the specified SERVICE_URL_SOFTWARE_STATION value for improved security and configurability.
- Updated the handling of the ALLOWED_ORIGINS environment variable to ensure a default value of '*' is used when the variable is empty, improving the flexibility of CORS settings.
- Updated command-line flag definitions to use a helper function for retrieving environment variables, allowing for more flexible configuration.
- Changed default values for Gitea server URL, config path, UA blocklist path, and server port to be set via environment variables.
- Modified CORS middleware to accept allowed origins from an environment variable, enhancing security and configurability.
- Updated the Dockerfile to utilize cache mounts for npm and Go module installations, enhancing build performance.
- Changed the base image for the final stage to a more minimal runtime image.
- Simplified the application description in the image metadata.
- Ensured proper ownership for copied data and cache directories in the final image.
- Introduced VERSION, BUILD_DATE, and VCS_REF variables to the Makefile for enhanced Docker image metadata.
- Added a new docker-build target to facilitate building the Docker image with the specified metadata, improving version tracking and documentation.
- Removed README.md and LICENSE from .dockerignore for inclusion in Docker image.
- Introduced a new docker-compose.yml file to define the application services and their configurations.
- Enhanced Dockerfile with build arguments and detailed image metadata for better documentation and version tracking.
- Introduced a Dockerfile that implements a multi-stage build process for the application.
- The first stage builds the frontend using Node.js and pnpm.
- The second stage compiles the Go binary with embedded frontend assets.
- The final stage creates a minimal runtime image, setting up necessary environment variables and exposing the application on port 8080.
- Updated README.md to include new features: authentication for certain software/containers and an admin panel, enhancing the documentation of the platform's capabilities.
- Added versioning and last updated date to the legal disclaimer, privacy policy, and terms of service documents for better clarity and tracking of changes.
- Updated the legal disclaimer to include detailed sections on warranty, liability, integrity, and upstream content.
- Enhanced the privacy policy to align with GDPR, specifying data processing, anonymization, and user rights.
- Revised terms of service to clarify fair use, anti-abuse measures, and the disclaimer of warranties.
- Updated the privacy policy to clarify data collection practices, including the use of User Agent and Client Hints for bot detection.
- Added TLS Metadata for improved bot detection capabilities.
- Introduced a persistent identifier (_ss_uid cookie) for long-term anti-abuse protection, while emphasizing the use of a single first-party cookie for security context without third-party trackers.
- Updated GetRequestFingerprint to include additional headers (Sec-CH-UA-Platform, Sec-CH-UA-Mobile) and UID cookie for improved uniqueness.
- Modified SecurityMiddleware to set a new UID cookie if not present, enhancing user tracking and security.
- Adjusted test cases to reflect changes in fingerprinting logic and ensure accurate validation of request parameters.
- Added .salt, test-hashes.json, and test_handlers_hashes.json to both .dockerignore and .gitignore for improved file management and to prevent unnecessary files from being included in builds and version control.
- Updated the StartBackgroundUpdater function to accept a callback for software list updates, improving flexibility.
- Refactored the API handlers to utilize a proxied software list, enhancing data handling and response efficiency.
- Introduced a new method for refreshing the proxied software list, ensuring accurate data representation.
- Added unit tests for API handlers to validate functionality and response correctness.
- Introduced constants for avatar cache limit and cleanup interval.
- Implemented a background cleanup process to manage the avatar cache size, removing the oldest files when the limit is exceeded.
- Updated the AvatarHandler to refresh the modification time of cached avatars for better cache management.
- Reformatted JSON entries for improved consistency and readability.
- Ensured translations for various software-related messages are correctly structured across all three languages.
- Maintained existing translations while enhancing overall clarity for user feedback.
- Bumped version from 0.1.0 to 0.2.0 in package.json.
- Updated dependencies:
- @sveltejs/kit to 2.49.2
- svelte to 5.46.1
- svelte-check to 4.3.5
- vite to 7.3.0
- Created a new Svelte component `+error.svelte` to display user-friendly error messages.
- The component differentiates between 404 errors and other error statuses, providing appropriate feedback and navigation options.
- Integrated localization support for error messages using `svelte-i18n`.
- Created a new file `ua-blocklist.txt` to store URLs for bad user agent lists.
- The lists will be fetched every 24 hours and cached for improved bot detection.
- Added translations for error handling and page not found messages in German, English, Italian, and Russian JSON files.
- Enhanced user experience by providing clearer feedback for unexpected errors and navigation issues.
- Implemented structured RSS feed generation using XML encoding.
- Enhanced URL registration by incorporating a random salt for hash generation.
- Introduced a bot blocker to the security middleware for improved bot detection.
- Updated security middleware to utilize the new bot blocker and added more entropy to request fingerprinting.
- Introduced a bot blocker initialized with a user agent blocklist.
- Updated the security middleware to utilize the new bot blocker in both main and test files.
- Enhanced error handling for API requests to return a proper 404 response when content is not found.
