WildDragonLLC/dragonflight
1
0
Fork 0
Code Issues 18 Pull requests 3 Projects Releases Packages Wiki Activity Actions
dragonflight/services/mam-api
History
Zac Gaetano cb7cc9a43e fix(mam-api): narrow cluster carve-out to /cluster/heartbeat only 
Code-review feedback: startsWith('/cluster') was a prefix match that exposed
destructive operator endpoints (POST /containers/:id/restart, DELETE /:id,
GET /devices/blackmagic/*) unauthenticated. Only POST /heartbeat is genuine
node-agent traffic; everything else in cluster.js is operator/UI surface
that should go through requireAuth. Long-term: issue node-agent a bound
api_token and drop the carve-out entirely.
2026-05-27 14:18:27 -04:00
..
src fix(mam-api): narrow cluster carve-out to /cluster/heartbeat only 2026-05-27 14:18:27 -04:00
test feat(mam-api): requireAuth middleware — session + bearer + idle/absolute timeout 2026-05-27 13:59:50 -04:00
.env.example add services/mam-api/.env.example 2026-04-07 21:58:24 -04:00
.gitignore add services/mam-api/.gitignore 2026-04-07 21:58:24 -04:00
Dockerfile feat: SDK deployment UI, proxy encoding global settings, S3 env fallback 2026-05-23 02:58:32 +00:00
package.json fix(mam-api): test glob — use find so npm test picks up files at any depth 2026-05-27 13:54:12 -04:00