snider
|
8fb240967a
|
fix: Address 9 security findings from code review (batch 6)
Security fixes:
- CRIT-012: Add compile-time bounds checking in Job::setBlob()
- CRIT-017: Add header count limit (64 max) to prevent DoS
- HIGH-005: Disable TLSv1.0 and TLSv1.1 (BEAST/POODLE vulnerable)
- HIGH-008: Document signal handler safety (libuv defers to event loop)
- HIGH-011: Fix memory leak in BindHost using String copy constructor
- HIGH-023: Document JSON type safety check in Client::parse()
Quality improvements:
- MED-002: Add security headers (X-Content-Type-Options, X-Frame-Options, CSP)
- MED-007: Add URL length validation (8KB limit)
- MED-009: Reduce self-signed cert validity from 10 years to 1 year
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2025-12-31 19:14:24 +00:00 |
|
snider
|
69376b886f
|
feat: Rebrand xmrig to miner and vendor XMRig ecosystem
Complete rebranding of all components:
- Core miner: xmrig -> miner (binary, version.h, CMakeLists.txt)
- Proxy: xmrig-proxy -> miner-proxy
- CUDA plugin: xmrig-cuda -> miner-cuda
- Heatmap: xmrig-nonces-heatmap -> miner-nonces-heatmap
- Go CLI wrapper: miner-cli -> miner-ctrl
Vendored XMRig ecosystem into miner/ directory:
- miner/core - XMRig CPU/GPU miner
- miner/proxy - Stratum proxy
- miner/cuda - NVIDIA CUDA plugin
- miner/heatmap - Nonce visualization tool
- miner/config - Configuration UI
- miner/deps - Pre-built dependencies
Updated dev fee to use project wallet with opt-out (kMinimumDonateLevel=0)
Updated branding to Lethean (domain, copyright, version 0.1.0)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2025-12-30 19:43:02 +00:00 |
|