2 Commits

Author SHA1 Message Date
ogt
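f59b23f969 security: P0 fix S1-S5 — remove all hard-coded passwords and SQL injection vulnerabilities
S1: config.py — LOGIN_PASSWORD: remove hard-coded default value 0936223270, switch to fail-fast
S2: config.py — SECRET_KEY: remove weak default value; sys.exit(1) when unset or set to the default value
S3: services/user_service.py — create_initial_admin now reads the INITIAL_ADMIN_PASSWORD env
S4: app.py — import flow: table_name validated against a regular-expression whitelist, date_list format validated
S5: database/manager.py — ALLOWED_SALES_TABLES frozenset whitelist, dates switched to parameterized queries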

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-27 20:34:15 +08:00
ogt
1b4f3a7bbe feat: EwoooC initialization — push the complete project to Gitea
Some checks failed
CD Pipeline / deploy (push) Failing after 59s
- Set up Gitea Actions CD pipeline (.gitea/workflows/cd.yaml)
- Deployment mode: rsync Python files to 188 → docker restart (volume mount)
- Automatically rebuild the Docker image when Dockerfile/requirements change
- Deployment notifications: Telegram (start/success/failure)
- Health check: https://mo.wooo.work/health (up to 5 retries)
- Sync latest CLAUDE.md / ADR-008 / memory (2026-04-19)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-19 01:21:13 +08:00