fix(security): Phase 1 P0 hardening from cross-project audit
Close open uploads, image-proxy SSRF, fail-open AI quotas in production, auth gaps on app routes, and MCP tenant isolation issues. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -127,7 +127,7 @@ services:
|
||||
- .env.docker
|
||||
ports:
|
||||
# SSE mode exposes port 3001, stdio mode doesn't need ports
|
||||
- "3001:3001"
|
||||
- "127.0.0.1:3001:3001"
|
||||
environment:
|
||||
# DATABASE_URL is auto-constructed from PostgreSQL credentials (not in .env.docker)
|
||||
- DATABASE_URL=postgresql://${POSTGRES_USER:-memento}:${POSTGRES_PASSWORD:-memento}@postgres:5432/${POSTGRES_DB:-memento}
|
||||
|
||||
Reference in New Issue
Block a user