egutierrez 01e2ee1aa0 Merge issue/0004a-dos-limit: pre-auth DoS hardening (H1) ...

Body-size ceilings (MaxBytesReader, per-route + Content-Length pre-reject),
Server.MaxHeaderBytes, and a per-IP token-bucket rate limit shut the critical
pre-auth memory-exhaustion vector. Regression test asserts a bounded RSS.

2026-06-07 14:16:13 +02:00

android

feat(android): app Kotlin/Compose sobre el binding gomobile

2026-06-06 18:43:10 +02:00

cmd

feat(membership): bound request bodies and add per-IP rate limit

2026-06-07 14:16:04 +02:00

deploy

feat(deploy/tls): self-signed CA + server cert generator

2026-06-07 12:44:13 +02:00

dev

docs(issues): encolar 0002 (media v2), 0003 (descentralización HA), 0004 (hardening seguridad)

2026-06-07 14:04:33 +02:00

migrations

feat(membership): add 002_users.sql migration and user CRUD store

2026-06-07 12:23:11 +02:00

mobile

feat(client,cmd,mobile): connect securely via client.Connect(caPath)

2026-06-07 12:49:19 +02:00

pkg

test(membership): regression for H1 pre-auth DoS body limit

2026-06-07 14:16:04 +02:00

playground

docs(0001e): note remaining gateway and unibots migration

2026-06-07 12:49:19 +02:00

web

feat(web): SPA de chat (React + Vite + Mantine v9)

2026-06-06 18:43:10 +02:00

.gitignore

chore: sync from fn-registry agent

2026-06-03 21:37:25 +02:00

app.md

docs(app): bump to 0.4.0 — room discovery endpoint growth log

2026-06-07 03:08:07 +02:00

go.mod

feat(membership): bound request bodies and add per-IP rate limit

2026-06-07 14:16:04 +02:00

go.sum

feat(membership): bound request bodies and add per-IP rate limit

2026-06-07 14:16:04 +02:00

S

Description

Synced from fn_registry

1.3 MiB

Languages

Go 94.2%

TypeScript 3.1%

Shell 2.6%