- Disable open /api/auth/register endpoint (gateway)
- Require gateway session auth on Immich and Karakeep hooks proxies
- Replace SHA-256 with bcrypt in fitness service (auth + seed)
- Remove hardcoded Telegram user IDs from fitness seed
- Add Secure flag to session cookie
- Add domain allowlist and content-type validation to image proxy
- Strengthen .gitignore (env variants, runtime data, test artifacts)
40 lines
454 B
Plaintext
# Secrets and local config
.env
.env.*
!.env.example
services/**/.env
services/**/.env.*

# Dependencies
node_modules/
frontend-v2/node_modules/

# Build artifacts
.svelte-kit/
frontend-v2/.svelte-kit/
build/
frontend-v2/build/
__pycache__/
*.pyc

# Runtime data
*.db
*.db-journal
*.db-wal
*.db-shm
data/
**/data/*.db
**/data/*.json
services/fitness/data/
services/trips/data/
gateway/data/

# OS
.DS_Store

# Media
*.png

# Test artifacts
test-results/