ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ef529d772b
gitdataai/apps/app/src
History
ZhenYi 6a123170a1 fix: harden session key derivation from APP_SESSION_SECRET 
- Reject secrets shorter than 32 bytes (fall back to generated key)
- Use SHA-256 hash instead of naive byte cycling to derive the key
  (cycling "password" to 64 bytes gave extremely low entropy)
2026-04-27 13:59:31 +08:00
..
args.rs init 2026-04-15 09:08:09 +08:00
logging.rs refactor(apps): migrate app, gitserver, git-hook, email from slog to tracing 2026-04-21 22:30:01 +08:00
main.rs fix: harden session key derivation from APP_SESSION_SECRET 2026-04-27 13:59:31 +08:00