Sologretto/itsgoin
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Audit fixes: key permissions, lock contention, Docker IP filter, doc updates

Browse source 
Security: identity.key written with 0600 permissions (Unix). Docker bridge
IPs (172.17-31.x) filtered from is_shareable_addr to prevent topology
disclosure in relay introductions.

Lock contention: ManifestPush relay and DeleteRecord CDN notify now gather
connections under lock, then send outside lock.

UI: syncBtn null guard prevents crash on hidden element.

Documentation: design.html version badge updated to v0.4.4. Self Last
Encounter threshold corrected from 3h to 4h. Multi-Device Identity section
rewritten for multi-identity-per-device (complete) + multi-device (planned)
+ post merge (planned). MEMORY.md updated to v0.4.4+ status.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Scott Reimers 2026-03-31 19:37:17 -04:00
parent 18a40756d8
commit fb1e92985c
5 changed files with 85 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

2
frontend/app.js
View file

@ -3141,7 +3141,7 @@ $('#share-details-btn').addEventListener('click', () => {
overlay.querySelector('#share-close-btn').addEventListener('click', () => overlay.remove());
overlay.addEventListener('click', (e) => { if (e.target === overlay) overlay.remove(); });
});
syncBtn.addEventListener('click', doSyncAll);
if (syncBtn) syncBtn.addEventListener('click', doSyncAll);
if (copyBtn) copyBtn.addEventListener('click', async () => {
try {
await navigator.clipboard.writeText(connectString);