chore(release): bump version to 1.7.0
Docs Check / Markdown lint (push) Failing after 25s
Build and Push Docker Image / build (push) Successful in 1m22s
Licence Check / Licence compatibility and copyright header verification (push) Failing after 1m8s
CI / Swagger Validation & Coverage (push) Successful in 1m51s
CI / Security audit (push) Successful in 2m2s
Docs Check / Mermaid diagram parse check (push) Successful in 2m11s
CI / Tests & coverage (push) Failing after 2m17s
Docs Check / Markdown lint (push) Failing after 25s
Build and Push Docker Image / build (push) Successful in 1m22s
Licence Check / Licence compatibility and copyright header verification (push) Failing after 1m8s
CI / Swagger Validation & Coverage (push) Successful in 1m51s
CI / Security audit (push) Successful in 2m2s
Docs Check / Mermaid diagram parse check (push) Successful in 2m11s
CI / Tests & coverage (push) Failing after 2m17s
- Increment version from 1.6.0 to 1.7.0 in package.json - Add detailed CHANGELOG.md entry for Swagger UI & OpenAPI 3.1 documentation - Update README.md version highlight to mention Swagger UI - Add API Documentation System section (7.4) to ARCHITECTURE.md - Add swagger-ui-express, swagger-jsdoc, yamljs, spectral-cli to Technology Stack - Update High-Level Architecture diagram with Swagger UI node - Update Request routing summary to include /api/swagger - Update SECURITY.md: Threat Model, Rate Limits, and Supported Versions tables
This commit is contained in:
+8
-3
@@ -4,9 +4,12 @@
|
||||
|
||||
| Version | Supported |
|
||||
|---------|-----------|
|
||||
| 1.4.x | ✅ Yes |
|
||||
| 1.3.x | ✅ Yes |
|
||||
| 1.2.x | ✅ Yes |
|
||||
| 1.7.x | ✅ Yes |
|
||||
| 1.6.x | ✅ Yes |
|
||||
| 1.5.x | ✅ Yes |
|
||||
| 1.4.x | ❌ No |
|
||||
| 1.3.x | ❌ No |
|
||||
| 1.2.x | ❌ No |
|
||||
| 1.1.x | ❌ No |
|
||||
| 1.0.x | ❌ No |
|
||||
| < 1.0 | ❌ No |
|
||||
@@ -41,6 +44,7 @@ users via Emby. The primary threat surface when exposed to the public internet:
|
||||
| Webhook payload injection | `validatePayload()` allowlists 18 known event types; rejects non-object bodies and overlong fields |
|
||||
| Webhook replay attacks | `isReplay()` tracks `(eventType, instanceName, date)` tuples for 5 minutes; duplicate events return `200 { duplicate: true }` without cache mutation |
|
||||
| Webhook flood / DoS | Dedicated rate limiter: 60 requests/min per IP on `/api/webhook/*` |
|
||||
| API documentation disclosure | Swagger UI at `/api/swagger` publicly exposes endpoint structure; mitigated by endpoint auth requirements and CSRF protection on all mutations |
|
||||
|
||||
---
|
||||
|
||||
@@ -161,6 +165,7 @@ server {
|
||||
| `POST /api/auth/login` | 10 failed attempts per 15 min per IP |
|
||||
| All `/api/*` routes | 300 requests per 15 min per IP |
|
||||
| `POST /api/webhook/*` | 60 requests per 1 min per IP (webhook-specific limiter, stricter than general) |
|
||||
| `GET /api/swagger` | No rate limit (public documentation) |
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user