chore: bump version to 1.7.13 and update CHANGELOG
Build and Push Docker Image / build (push) Successful in 2m2s
Docs Check / Markdown lint (push) Successful in 1m54s
Licence Check / Licence compatibility and copyright header verification (push) Successful in 2m42s
CI / Tests & coverage (push) Successful in 3m7s
CI / Security audit (push) Successful in 3m35s
Docs Check / Mermaid diagram parse check (push) Failing after 3m53s
CI / Swagger Validation & Coverage (push) Successful in 4m26s
Build and Push Docker Image / build (push) Successful in 2m2s
Docs Check / Markdown lint (push) Successful in 1m54s
Licence Check / Licence compatibility and copyright header verification (push) Successful in 2m42s
CI / Tests & coverage (push) Successful in 3m7s
CI / Security audit (push) Successful in 3m35s
Docs Check / Mermaid diagram parse check (push) Failing after 3m53s
CI / Swagger Validation & Coverage (push) Successful in 4m26s
This commit is contained in:
+7
-6
@@ -162,12 +162,13 @@ server {
|
||||
|
||||
## Rate Limits
|
||||
|
||||
| Endpoint | Limit |
|
||||
|----------|-------|
|
||||
| `POST /api/auth/login` | 10 failed attempts per 15 min per IP |
|
||||
| All `/api/*` routes | 300 requests per 15 min per IP |
|
||||
| `POST /api/webhook/*` | 60 requests per 1 min per IP (webhook-specific limiter, stricter than general) |
|
||||
| `GET /api/swagger` | No rate limit (public documentation) |
|
||||
| Endpoint | Limit | Details & Exemptions |
|
||||
|----------|-------|----------------------|
|
||||
| `POST /api/auth/login` | 10 attempts per 15 min per IP | **Only failed attempts count** (`skipSuccessfulRequests: true`). Successful requests are not counted. |
|
||||
| All `/api/*` routes | 300 requests per 15 min per IP | General rate limiting. **Exempts `/api/dashboard/cover-art` requests** to avoid page layout image loading exhaustion. |
|
||||
| `POST /api/webhook/*` | 60 requests per 1 min per IP | Webhook-specific limiter, stricter than general. |
|
||||
| `/health` and `/ready` | Exempt | Root-level liveness/readiness probes bypass rate limiters completely. |
|
||||
| `GET /api/swagger` | Exempt | Public Swagger UI documentation does not enforce rate limits. |
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user