jubnl 959015928f feat(security): mask saved webhook URLs instead of returning encrypted values ...

Encrypted webhook URLs are no longer returned to the frontend. Both user
and admin webhook fields now show '••••••••' as a placeholder when a URL
is already saved, and the sentinel value is skipped on save/test so the
stored secret is never exposed or accidentally overwritten.

2026-04-05 06:08:44 +02:00

..

public

chore(CRLF): normalize index.html line endings to LF

2026-04-05 04:35:17 +02:00

scripts

feat: add encryption key migration script and document it in README

2026-04-01 09:35:32 +02:00

src

feat(security): mask saved webhook URLs instead of returning encrypted values

2026-04-05 06:08:44 +02:00

tests

fix(security): address notification system security audit findings

2026-04-05 03:36:50 +02:00

.env.example

docs(oidc): fix OIDC_SCOPE default and clarify override behavior, skip CI for docs-only pushes, remove stale audit files

2026-04-04 14:48:11 +02:00

package-lock.json

feat(todo): add To-Do list feature with 3-column layout

2026-04-04 16:58:24 +02:00

package.json

chore: bump version to 2.8.4 [skip ci]

2026-04-04 13:20:50 +00:00

reset-admin.js

Stabilize core: better-sqlite3, versioned migrations, graceful shutdown

2026-03-22 17:52:24 +01:00

tsconfig.json

some fixes

2026-03-30 06:59:24 +02:00

vitest.config.ts

refactor(mcp): replace direct DB access with service layer calls

2026-04-04 18:12:53 +02:00