- Increased GlobalRateLimit from 100 to 500 to accommodate higher traffic.
- Raised APIRateLimit from 30 to 150 to improve API responsiveness and user experience.
- Added a note in the README about using Taskfile for project management.
- Removed the crossOrigin attribute from the WebAssembly fetch request in verifier.ts for security compliance.
- Refactored the wasm_exec.js file for consistency in string usage and improved readability.
- Cleaned up whitespace in the SRI generation script to enhance code clarity.
- Added Taskfile.yml to streamline build, development, and testing tasks.
- Updated README to reflect new build instructions and development environment setup using `go-task`.
- Included `.taskfile.env` and `.task` in .dockerignore and .gitignore for better environment management.
- Modified asset loading in verifier.ts to include integrity and cross-origin attributes for security.
- Updated SRI generation script to handle both directory and single file inputs for improved flexibility.
- Added a new parameter to the SecurityMiddleware function to allow custom handling of forbidden requests.
- Updated Docker configurations to enable asset caching for improved performance.
- Bumped version number in the Dockerfile to 0.3.0 and refined the image description for clarity.
- Adjusted various frontend components and error handling to support new rate limiting and forbidden access messages.
- Improved documentation in multiple languages to reflect recent changes in features and security measures.
- Introduced a new section in the README to highlight the software caching feature, which caches popular assets to enhance download speed and reduce server load.
- Removed redundant mention of software caching from the upcoming features list for clarity.
- Revised the documentation for Web News to reflect its privacy-focused, offline-first capabilities and full-text extraction features.
- Expanded the features section to include details on data sovereignty, anonymous access, and a hardened backend.
- Updated build and run instructions, including prerequisites and server configuration options.
- Added a comprehensive keyboard shortcuts section for improved user navigation.
- Updated the API server to support asset caching with a new flag for enabling/disabling caching.
- Implemented asset caching logic in the DownloadProxyHandler to store and retrieve assets efficiently.
- Added tests for asset caching functionality, ensuring proper behavior for cache hits and misses.
- Introduced new documentation files for software, including multi-language support.
- Enhanced the SoftwareCard component to display documentation links for software with available docs.
- Updated the Software model to include a flag indicating the presence of documentation.
- Improved the user interface for documentation navigation and search functionality.
- Added a flag to disable the verifier UI and logic for user preferences.
- Implemented Cache-Control headers for static assets in production.
- Updated the SoftwareCard component to include a copy hash feature and display release dates.
- Introduced a Markdown component for rendering documentation content.
- Enhanced the verification process with speed updates during asset downloads.
- Improved the user interface for verification toasts and modals.
- Updated legal documents with new versions and additional privacy features.
- Added new API documentation and routes for better user guidance.
- Added primary meta tags for title and description to enhance search engine visibility.
- Included Open Graph and Twitter meta tags for better integration with social media platforms.
- Updated favicon link for branding consistency.
- Added SRI hash injection during frontend build to improve security.
- Updated ESLint configuration to include 'navigator' as a global variable.
- Introduced a new `settingsStore` to manage user preferences for asset verification.
- Enhanced `SoftwareCard` and `VerificationModal` components to display contributor information and security checks.
- Updated `verificationStore` to handle expanded toast notifications for detailed verification steps.
- Implemented a new `CodeBlock` component for displaying code snippets with syntax highlighting.
- Improved API documentation and added new endpoints for fetching software and asset details.
- Introduced a new verification system for asset downloads, allowing users to choose whether to verify assets before downloading.
- Added a `VerificationModal` component to handle the verification process and user preferences.
- Implemented a `verificationStore` to manage the state of verification toasts and progress.
- Updated `SoftwareCard` to trigger background verification based on user preferences stored in local storage.
- Created `VerificationToasts` component to display real-time verification status and progress.
- Enhanced the WASM verifier integration to support the new verification workflow.
- Introduced loadVerifier function to load the WASM verifier from the server.
- Added verifyAsset function to validate asset data against an expected SHA256 hash using the loaded verifier.
- Ensured compatibility with server-side rendering by checking for the window object.
- Implemented computeSHA256 function to generate hex-encoded SHA256 hashes.
- Added verifySHA256 function to validate input data against expected hash in a WebAssembly context.
- Created main_test.go to include unit tests for computeSHA256 with various input cases.
- Integrated a new VerificationModal component to handle asset verification.
- Updated SoftwareCard to manage download verification state and trigger the modal.
- Added WASM execution script and binary for client-side verification.
- Included necessary imports and state management for verification process in SoftwareCard.
- Enhanced app.html to load the WASM execution script.
- Added global variables: MouseEvent, Blob, WebAssembly, Uint8Array, ArrayBuffer, and URL.
- Updated the ignore patterns to include 'static/**' in the ESLint configuration.
- Added new targets for building and testing the WASM verifier.
- Updated the 'all' target to include 'build-wasm'.
- Modified 'build-frontend' to depend on 'build-wasm'.
- Introduced 'test-wasm' for running tests on the WASM verifier.
- Clean target now removes WASM output directory.
- Modified the ALLOWED_ORIGINS environment variable in docker-compose.coolify.yaml to remove the default fallback to '*', ensuring it only uses the specified SERVICE_URL_SOFTWARE_STATION value for improved security and configurability.
- Updated the handling of the ALLOWED_ORIGINS environment variable to ensure a default value of '*' is used when the variable is empty, improving the flexibility of CORS settings.
- Updated command-line flag definitions to use a helper function for retrieving environment variables, allowing for more flexible configuration.
- Changed default values for Gitea server URL, config path, UA blocklist path, and server port to be set via environment variables.
- Modified CORS middleware to accept allowed origins from an environment variable, enhancing security and configurability.
- Updated the Dockerfile to utilize cache mounts for npm and Go module installations, enhancing build performance.
- Changed the base image for the final stage to a more minimal runtime image.
- Simplified the application description in the image metadata.
- Ensured proper ownership for copied data and cache directories in the final image.
- Introduced VERSION, BUILD_DATE, and VCS_REF variables to the Makefile for enhanced Docker image metadata.
- Added a new docker-build target to facilitate building the Docker image with the specified metadata, improving version tracking and documentation.
- Removed README.md and LICENSE from .dockerignore for inclusion in Docker image.
- Introduced a new docker-compose.yml file to define the application services and their configurations.
- Enhanced Dockerfile with build arguments and detailed image metadata for better documentation and version tracking.
- Introduced a Dockerfile that implements a multi-stage build process for the application.
- The first stage builds the frontend using Node.js and pnpm.
- The second stage compiles the Go binary with embedded frontend assets.
- The final stage creates a minimal runtime image, setting up necessary environment variables and exposing the application on port 8080.
- Updated README.md to include new features: authentication for certain software/containers and an admin panel, enhancing the documentation of the platform's capabilities.
- Added versioning and last updated date to the legal disclaimer, privacy policy, and terms of service documents for better clarity and tracking of changes.
- Updated the legal disclaimer to include detailed sections on warranty, liability, integrity, and upstream content.
- Enhanced the privacy policy to align with GDPR, specifying data processing, anonymization, and user rights.
- Revised terms of service to clarify fair use, anti-abuse measures, and the disclaimer of warranties.
- Updated the privacy policy to clarify data collection practices, including the use of User Agent and Client Hints for bot detection.
- Added TLS Metadata for improved bot detection capabilities.
- Introduced a persistent identifier (_ss_uid cookie) for long-term anti-abuse protection, while emphasizing the use of a single first-party cookie for security context without third-party trackers.
- Updated GetRequestFingerprint to include additional headers (Sec-CH-UA-Platform, Sec-CH-UA-Mobile) and UID cookie for improved uniqueness.
- Modified SecurityMiddleware to set a new UID cookie if not present, enhancing user tracking and security.
- Adjusted test cases to reflect changes in fingerprinting logic and ensure accurate validation of request parameters.
- Added .salt, test-hashes.json, and test_handlers_hashes.json to both .dockerignore and .gitignore for improved file management and to prevent unnecessary files from being included in builds and version control.
- Updated the StartBackgroundUpdater function to accept a callback for software list updates, improving flexibility.
- Refactored the API handlers to utilize a proxied software list, enhancing data handling and response efficiency.
- Introduced a new method for refreshing the proxied software list, ensuring accurate data representation.
- Added unit tests for API handlers to validate functionality and response correctness.
- Introduced constants for avatar cache limit and cleanup interval.
- Implemented a background cleanup process to manage the avatar cache size, removing the oldest files when the limit is exceeded.
- Updated the AvatarHandler to refresh the modification time of cached avatars for better cache management.
- Reformatted JSON entries for improved consistency and readability.
- Ensured translations for various software-related messages are correctly structured across all three languages.
- Maintained existing translations while enhancing overall clarity for user feedback.
- Bumped version from 0.1.0 to 0.2.0 in package.json.
- Updated dependencies:
- @sveltejs/kit to 2.49.2
- svelte to 5.46.1
- svelte-check to 4.3.5
- vite to 7.3.0
- Created a new Svelte component `+error.svelte` to display user-friendly error messages.
- The component differentiates between 404 errors and other error statuses, providing appropriate feedback and navigation options.
- Integrated localization support for error messages using `svelte-i18n`.
