- Added global variables: MouseEvent, Blob, WebAssembly, Uint8Array, ArrayBuffer, and URL.
- Updated the ignore patterns to include 'static/**' in the ESLint configuration.
- Added new targets for building and testing the WASM verifier.
- Updated the 'all' target to include 'build-wasm'.
- Modified 'build-frontend' to depend on 'build-wasm'.
- Introduced 'test-wasm' for running tests on the WASM verifier.
- Clean target now removes WASM output directory.
- Modified the ALLOWED_ORIGINS environment variable in docker-compose.coolify.yaml to remove the default fallback to '*', ensuring it only uses the specified SERVICE_URL_SOFTWARE_STATION value for improved security and configurability.
- Updated the handling of the ALLOWED_ORIGINS environment variable to ensure a default value of '*' is used when the variable is empty, improving the flexibility of CORS settings.
- Updated command-line flag definitions to use a helper function for retrieving environment variables, allowing for more flexible configuration.
- Changed default values for Gitea server URL, config path, UA blocklist path, and server port to be set via environment variables.
- Modified CORS middleware to accept allowed origins from an environment variable, enhancing security and configurability.
- Updated the Dockerfile to utilize cache mounts for npm and Go module installations, enhancing build performance.
- Changed the base image for the final stage to a more minimal runtime image.
- Simplified the application description in the image metadata.
- Ensured proper ownership for copied data and cache directories in the final image.
- Introduced VERSION, BUILD_DATE, and VCS_REF variables to the Makefile for enhanced Docker image metadata.
- Added a new docker-build target to facilitate building the Docker image with the specified metadata, improving version tracking and documentation.
- Removed README.md and LICENSE from .dockerignore for inclusion in Docker image.
- Introduced a new docker-compose.yml file to define the application services and their configurations.
- Enhanced Dockerfile with build arguments and detailed image metadata for better documentation and version tracking.
- Introduced a Dockerfile that implements a multi-stage build process for the application.
- The first stage builds the frontend using Node.js and pnpm.
- The second stage compiles the Go binary with embedded frontend assets.
- The final stage creates a minimal runtime image, setting up necessary environment variables and exposing the application on port 8080.
- Updated README.md to include new features: authentication for certain software/containers and an admin panel, enhancing the documentation of the platform's capabilities.
- Added versioning and last updated date to the legal disclaimer, privacy policy, and terms of service documents for better clarity and tracking of changes.
- Updated the legal disclaimer to include detailed sections on warranty, liability, integrity, and upstream content.
- Enhanced the privacy policy to align with GDPR, specifying data processing, anonymization, and user rights.
- Revised terms of service to clarify fair use, anti-abuse measures, and the disclaimer of warranties.
- Updated the privacy policy to clarify data collection practices, including the use of User Agent and Client Hints for bot detection.
- Added TLS Metadata for improved bot detection capabilities.
- Introduced a persistent identifier (_ss_uid cookie) for long-term anti-abuse protection, while emphasizing the use of a single first-party cookie for security context without third-party trackers.
- Updated GetRequestFingerprint to include additional headers (Sec-CH-UA-Platform, Sec-CH-UA-Mobile) and UID cookie for improved uniqueness.
- Modified SecurityMiddleware to set a new UID cookie if not present, enhancing user tracking and security.
- Adjusted test cases to reflect changes in fingerprinting logic and ensure accurate validation of request parameters.
- Added .salt, test-hashes.json, and test_handlers_hashes.json to both .dockerignore and .gitignore for improved file management and to prevent unnecessary files from being included in builds and version control.
- Updated the StartBackgroundUpdater function to accept a callback for software list updates, improving flexibility.
- Refactored the API handlers to utilize a proxied software list, enhancing data handling and response efficiency.
- Introduced a new method for refreshing the proxied software list, ensuring accurate data representation.
- Added unit tests for API handlers to validate functionality and response correctness.
- Introduced constants for avatar cache limit and cleanup interval.
- Implemented a background cleanup process to manage the avatar cache size, removing the oldest files when the limit is exceeded.
- Updated the AvatarHandler to refresh the modification time of cached avatars for better cache management.
- Reformatted JSON entries for improved consistency and readability.
- Ensured translations for various software-related messages are correctly structured across all three languages.
- Maintained existing translations while enhancing overall clarity for user feedback.
- Bumped version from 0.1.0 to 0.2.0 in package.json.
- Updated dependencies:
- @sveltejs/kit to 2.49.2
- svelte to 5.46.1
- svelte-check to 4.3.5
- vite to 7.3.0
- Created a new Svelte component `+error.svelte` to display user-friendly error messages.
- The component differentiates between 404 errors and other error statuses, providing appropriate feedback and navigation options.
- Integrated localization support for error messages using `svelte-i18n`.
- Created a new file `ua-blocklist.txt` to store URLs for bad user agent lists.
- The lists will be fetched every 24 hours and cached for improved bot detection.
- Added translations for error handling and page not found messages in German, English, Italian, and Russian JSON files.
- Enhanced user experience by providing clearer feedback for unexpected errors and navigation issues.
- Implemented structured RSS feed generation using XML encoding.
- Enhanced URL registration by incorporating a random salt for hash generation.
- Introduced a bot blocker to the security middleware for improved bot detection.
- Updated security middleware to utilize the new bot blocker and added more entropy to request fingerprinting.
- Introduced a bot blocker initialized with a user agent blocklist.
- Updated the security middleware to utilize the new bot blocker in both main and test files.
- Enhanced error handling for API requests to return a proper 404 response when content is not found.
