Critical:
- backup: prevent Zip Slip path traversal and zip bombs in restore/convert
via safe_extract(); serialize get_backup() with backup_lock and always
restore CWD so concurrent requests can't corrupt the os.chdir state
- app: only enable the Werkzeug debugger/reloader when ENVIRONMENT=dev;
always init rate limits (also under WSGI), not just under __main__
- apikey: fix create_key never committing (session.commit -> commit()),
validate roles against an allowlist, and fix revoke_key/update_last_used
operating on detached instances so revocation actually persists
- env_provider: redact DB_PASSWORD and SESSION_SECRET_KEY in summerize()
High:
- markdown: filter private/protected docs for non-admins in the listing,
get_home, get_index and search endpoints (was an anonymous data leak);
escape LIKE metacharacters and cap search results
- webhooks: validate target URL to block SSRF (loopback/private/link-local/
metadata IPs), disable redirects, safely parse additional_header
- auth: validate JWT issuer and require exp/iat; add timeout to JWKS fetch;
harden Authorization header parsing against malformed values
- log: require admin for GET /api/log and auth for POST; bound entry size
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
