chore(release): bump version to 1.7.0
Docs Check / Markdown lint (push) Failing after 25s
Build and Push Docker Image / build (push) Successful in 1m22s
Licence Check / Licence compatibility and copyright header verification (push) Failing after 1m8s
CI / Swagger Validation & Coverage (push) Successful in 1m51s
CI / Security audit (push) Successful in 2m2s
Docs Check / Mermaid diagram parse check (push) Successful in 2m11s
CI / Tests & coverage (push) Failing after 2m17s

- Increment version from 1.6.0 to 1.7.0 in package.json
- Add detailed CHANGELOG.md entry for Swagger UI & OpenAPI 3.1 documentation
- Update README.md version highlight to mention Swagger UI
- Add API Documentation System section (7.4) to ARCHITECTURE.md
- Add swagger-ui-express, swagger-jsdoc, yamljs, spectral-cli to Technology Stack
- Update High-Level Architecture diagram with Swagger UI node
- Update Request routing summary to include /api/swagger
- Update SECURITY.md: Threat Model, Rate Limits, and Supported Versions tables
This commit is contained in:
2026-05-21 13:35:31 +01:00
parent f3e1bd17fb
commit 1ed01d0ef0
5 changed files with 135 additions and 5 deletions
+8 -3
View File
@@ -4,9 +4,12 @@
| Version | Supported |
|---------|-----------|
| 1.4.x | ✅ Yes |
| 1.3.x | ✅ Yes |
| 1.2.x | ✅ Yes |
| 1.7.x | ✅ Yes |
| 1.6.x | ✅ Yes |
| 1.5.x | ✅ Yes |
| 1.4.x | ❌ No |
| 1.3.x | ❌ No |
| 1.2.x | ❌ No |
| 1.1.x | ❌ No |
| 1.0.x | ❌ No |
| < 1.0 | ❌ No |
@@ -41,6 +44,7 @@ users via Emby. The primary threat surface when exposed to the public internet:
| Webhook payload injection | `validatePayload()` allowlists 18 known event types; rejects non-object bodies and overlong fields |
| Webhook replay attacks | `isReplay()` tracks `(eventType, instanceName, date)` tuples for 5 minutes; duplicate events return `200 { duplicate: true }` without cache mutation |
| Webhook flood / DoS | Dedicated rate limiter: 60 requests/min per IP on `/api/webhook/*` |
| API documentation disclosure | Swagger UI at `/api/swagger` publicly exposes endpoint structure; mitigated by endpoint auth requirements and CSRF protection on all mutations |
---
@@ -161,6 +165,7 @@ server {
| `POST /api/auth/login` | 10 failed attempts per 15 min per IP |
| All `/api/*` routes | 300 requests per 15 min per IP |
| `POST /api/webhook/*` | 60 requests per 1 min per IP (webhook-specific limiter, stricter than general) |
| `GET /api/swagger` | No rate limit (public documentation) |
---