fix: comprehensive security, consistency, and dead code cleanup
Security: - Add auth + file type/size validation to upload API - Add admin auth to /api/admin/ endpoints - Add SSRF protection to scrape action - Whitelist fields in PUT /api/notes/[id] to prevent mass assignment - Protect /lab, /agents, /chat, /canvas, /notebooks routes in middleware AI provider fixes: - Add deepseek/openrouter to factory ProviderType (was silently falling back to ollama) - Fix title-suggestion.service.ts to use factory instead of hardcoded OpenAI - Fix getAIProvider→getChatProvider in memory-echo, notebook-summary, agent-executor - Fix getAIProvider→getTagsProvider in notebook-suggestion, title-suggestions, transform-markdown Functional bugs: - Fix ALLOW_REGISTRATION AND→OR logic - Fix note-editor.tsx passing stale props to useAutoTagging instead of local state - Fix stale Note.embedding type (migrated to NoteEmbedding table) - Remove hardcoded SQLite path from prisma.ts Frontend: - Add AbortController to useAutoTagging and useTitleSuggestions hooks - Add error rollback to optimistic UI in note-inline-editor - Remove stale closure over notebookId/language in useAutoTagging Cleanup: - Rename docker-compose from keepnotes→memento - Remove unused unstable_cache import from config.ts - Remove dead useUndoRedo hook - Fix TagSuggestion type (add isNewLabel, reasoning) - Remove dead AIConfig/AIProviderType types - Fix ghost-tags unused isEmpty var and as any cast - Fix note-editor titleSuggestions typed as any[] Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -3,23 +3,23 @@ version: '3.8'
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
container_name: keep-postgres
|
||||
container_name: memento-postgres
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
POSTGRES_USER: keepnotes
|
||||
POSTGRES_PASSWORD: keepnotes
|
||||
POSTGRES_DB: keepnotes
|
||||
POSTGRES_USER: memento
|
||||
POSTGRES_PASSWORD: memento
|
||||
POSTGRES_DB: memento
|
||||
volumes:
|
||||
- postgres-data:/var/lib/postgresql/data
|
||||
ports:
|
||||
- "5432:5432"
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U keepnotes"]
|
||||
test: ["CMD-SHELL", "pg_isready -U memento"]
|
||||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
networks:
|
||||
- keep-network
|
||||
- memento-network
|
||||
|
||||
memento-note:
|
||||
build:
|
||||
@@ -32,7 +32,7 @@ services:
|
||||
- "3000:3000"
|
||||
environment:
|
||||
# Database
|
||||
- DATABASE_URL=postgresql://keepnotes:keepnotes@postgres:5432/keepnotes
|
||||
- DATABASE_URL=postgresql://memento:memento@postgres:5432/memento
|
||||
- NODE_ENV=production
|
||||
|
||||
# Application (IMPORTANT: Change these!)
|
||||
@@ -58,7 +58,7 @@ services:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- keep-network
|
||||
- memento-network
|
||||
# Optional: Resource limits for Proxmox VM
|
||||
deploy:
|
||||
resources:
|
||||
@@ -87,7 +87,7 @@ services:
|
||||
# volumes:
|
||||
# - ollama-data:/root/.ollama
|
||||
# networks:
|
||||
# - keep-network
|
||||
# - memento-network
|
||||
# deploy:
|
||||
# resources:
|
||||
# limits:
|
||||
@@ -98,7 +98,7 @@ services:
|
||||
# memory: 4G
|
||||
|
||||
networks:
|
||||
keep-network:
|
||||
memento-network:
|
||||
driver: bridge
|
||||
|
||||
volumes:
|
||||
|
||||
Reference in New Issue
Block a user