bunker-admin
5a0c4641a1
Security audit fixes, mobile responsiveness across 40+ admin pages
Security hardening from Mar 31 audit:
- Separate login rate limit (10/15min) from general auth budget (15/15min)
- Timing-safe webhook secret comparison (Listmonk)
- Docs file creation ACL check (matches PUT/DELETE guards)
- Key separation warnings for GITEA_SSO_SECRET and SERVICE_PASSWORD_SALT
- Clear GITEA_ADMIN_PASSWORD from .env after auto-setup
- SQL injection prevention in effectiveness groupBy (pre-validated map)
- Token hashing for password reset and verification tokens
Mobile responsiveness (Phase 2C):
- Add MobilePageHeader component and useMobile hook
- Responsive table columns (hide secondary cols on mobile)
- scroll={{ x: 'max-content' }} across all data tables
- Mobile-adapted layouts for Dashboard, Settings, Calendar, SMS, Social pages
- Conditional toolbar buttons on mobile viewports
Infrastructure:
- Updated docker-compose and nginx templates
- Build script and mirror script updates
Bunker Admin
2026-03-31 18:30:17 -06:00
..
2026-02-11 10:05:04 -07:00
2026-03-25 19:33:11 -06:00
2026-02-18 17:15:31 -07:00
2026-03-31 18:30:17 -06:00
2026-03-31 11:53:20 -06:00
2026-03-31 11:20:01 -06:00
2026-03-31 18:30:17 -06:00
2026-02-26 17:47:04 -07:00
2026-02-26 17:47:04 -07:00
2026-03-05 10:59:39 -07:00
2026-03-26 10:31:51 -06:00
2026-02-16 10:44:18 -07:00
2026-03-22 20:34:49 -06:00
2026-03-22 21:47:09 -06:00
2026-03-26 10:31:51 -06:00
2026-03-26 10:31:51 -06:00