cf2ed37c1e
feat: add INIT_REGULAR_USER env var, move bill_history_ranges to v0.42 migration
...
- Add INIT_REGULAR_USER/INIT_REGULAR_PASS for non-admin test user creation
- Regular user created at startup with role='user', not admin
- Move bill_history_ranges from inline to versioned migration v0.42
- Clean up FUTURE.md: remove completed items, add skip-first-login item
2026-05-09 16:38:28 -05:00
6c7d481494
feat: add admin about page with security hardening
...
- Add /api/about-admin endpoint (admin-only, path traversal protection, content redaction, error sanitization)
- Add /admin/about route with RequireAuth admin guard
- Add adminActionLimiter rate limiting on about-admin endpoint
- Add rehype-sanitize XSS prevention in AboutPage.jsx
- Add aboutAdmin API client endpoint
- Create HISTORY.md with version bump convention (patch/minor/major)
- Update Engineering Reference Manual with about-admin docs and security measures
- Add INIT_REGULAR_USER/INIT_REGULAR_PASS env vars to docs
- Update FUTURE.md with critical regular user env var item
2026-05-09 16:25:12 -05:00
4d1709aea3
push
2026-05-09 13:03:36 -05:00
d1efeece04
push
2026-05-04 20:12:57 -05:00
b019487423
init
2026-05-04 16:38:03 -05:00
969139251d
calendar
2026-05-04 13:14:32 -05:00
d46b85da8a
logo
2026-05-03 22:33:21 -05:00
b9d1366d46
initial commit
2026-05-03 19:51:57 -05:00
null