core/api
8
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions
No description
264 commits 3 branches 9 tags 3.1 MiB
Find a file
Snider 372326297e fix(pr#2): address CodeRabbit round 2 review findings 
Go:
- cache: fix TOCTOU race in get() — re-verify entry pointer under lock before
  evicting to prevent corrupting s.currentBytes and removing a newly-set entry
- bridge: fix writeErrorResponse recorder out of sync — buffer into w.body/
  w.headers and call commit() so Status(), Header(), Size() reflect error response
- bridge: fix ValidateResponse number precision — use json.Decoder+UseNumber for
  initial envelope decode to preserve large integers (matches Validate path)
- ratelimit: fix unreachable credential branches — move X-API-Key and
  Authorization hashing before IP fallback so NAT'd clients are bucketed by key
- openapi: gate cacheSuccessHeaders on sb.CacheEnabled flag, not just method==get
- openapi: use isNilRouteGroup in prepareRouteGroups to catch typed-nil RouteGroup

PHP:
- RateLimitExceededException: remove ad-hoc CORS handling — let framework CORS
  middleware apply correct headers for all responses including errors
- SeoReportService.extractCharset: parse charset token from Content-Type value
  instead of returning the full "text/html; charset=utf-8" string
- SeoReportService: validate IP literals directly with filter_var before DNS
  lookup so ::ffff:127.0.0.1-style hosts don't bypass private-IP checks
- SeoReportService.isPrivateIp: extract isPrivateIpv4 helper; handle
  IPv4-mapped IPv6 (::ffff::/96) by checking embedded IPv4 against private
  ranges; add 0.0.0.0/8 to private range list

Co-Authored-By: Virgil <virgil@lethean.io>
2026-04-07 09:11:05 +01:00
.core feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
cmd/api fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
docs docs(api): align cache docs with explicit limits 2026-04-02 08:36:59 +00:00
go-io feat(api): add stable openapi operation ids 2026-04-01 07:36:35 +00:00
go-log feat(api): add stable openapi operation ids 2026-04-01 07:36:35 +00:00
pkg/provider fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
src/php fix(pr#2): address CodeRabbit round 2 review findings 2026-04-07 09:11:05 +01:00
.gitattributes feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
.gitignore chore: add .core/ and .idea/ to .gitignore 2026-03-15 10:17:49 +00:00
api.go feat(api): snapshot authentik runtime config 2026-04-02 13:17:08 +00:00
api_test.go fix(api): return engine groups by copy 2026-04-01 21:16:10 +00:00
authentik.go fix(api): normalise runtime metadata snapshots 2026-04-02 16:48:37 +00:00
authentik_integration_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
authentik_test.go fix(auth): exempt swagger ui path in authentik middleware 2026-04-02 06:29:34 +00:00
authz_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
bridge.go fix(pr#2): address CodeRabbit round 2 review findings 2026-04-07 09:11:05 +01:00
bridge_test.go fix(api): trim tool bridge tags 2026-04-02 00:31:38 +00:00
brotli.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
brotli_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
cache.go fix(pr#2): address CodeRabbit round 2 review findings 2026-04-07 09:11:05 +01:00
cache_config.go feat(api): expose cache config snapshot 2026-04-02 09:23:02 +00:00
cache_test.go docs(api): align cache docs with explicit limits 2026-04-02 08:36:59 +00:00
CLAUDE.md feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
client.go fix(api): correct OpenAPI iterator examples 2026-04-03 04:50:54 +00:00
client_test.go fix(api): correct OpenAPI iterator examples 2026-04-03 04:50:54 +00:00
codegen.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
codegen_test.go fix(api): harden SDK generator inputs 2026-04-02 13:43:07 +00:00
composer.json feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
export.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
export_test.go fix(cmd/api): normalise spec export formats 2026-04-02 08:12:47 +00:00
expvar_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
go.mod fix: migrate module paths from forge.lthn.ai to dappco.re 2026-04-04 16:21:11 +01:00
go.sum feat(openapi): omit auth errors on public routes 2026-04-01 21:46:06 +00:00
graphql.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
graphql_config_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
graphql_test.go feat(graphql): normalise custom mount paths 2026-04-01 18:08:27 +00:00
group.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
group_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
gzip_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
httpsign_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
i18n.go feat(api): add i18n config snapshot 2026-04-02 12:25:38 +00:00
i18n_test.go feat(api): add i18n config snapshot 2026-04-02 12:25:38 +00:00
LICENCE feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
location_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
middleware.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
middleware_test.go fix(response): attach meta to all json responses 2026-04-02 03:38:34 +00:00
modernization_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
norace_test.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
openapi.go fix(pr#2): address CodeRabbit round 2 review findings 2026-04-07 09:11:05 +01:00
openapi_test.go fix(api): omit disabled graphql playground spec metadata 2026-04-03 04:56:48 +00:00
options.go fix(api): normalise runtime metadata snapshots 2026-04-02 16:48:37 +00:00
pprof_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
race_test.go feat(api): merge go-api + php-api into polyglot repo 2026-03-14 10:03:29 +00:00
ratelimit.go fix(pr#2): address CodeRabbit round 2 review findings 2026-04-07 09:11:05 +01:00
ratelimit_test.go fix(api): scope rate limiting by key 2026-04-01 18:22:17 +00:00
response.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
response_meta.go fix(pr#2): address CodeRabbit major/critical review findings 2026-04-07 08:38:41 +01:00
response_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
runtime_config.go feat(api): include graphql in runtime snapshots 2026-04-02 13:58:56 +00:00
secure_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
servers.go feat(api): collapse equivalent OpenAPI servers 2026-04-01 20:01:34 +00:00
sessions_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
slog_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
spec_builder_helper.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
spec_builder_helper_internal_test.go refactor(api): normalise config snapshots 2026-04-02 12:38:54 +00:00
spec_builder_helper_test.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
spec_registry.go refactor(api): centralise spec group iterator 2026-04-02 07:57:58 +00:00
spec_registry_test.go refactor(api): centralise spec group iterator 2026-04-02 07:57:58 +00:00
sse.go docs(api): add AX usage examples 2026-04-02 07:51:21 +00:00
sse_test.go fix(api): preserve streaming response passthrough 2026-04-02 06:04:06 +00:00
static_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
sunset.go fix(api): preserve sunset response headers 2026-04-01 23:33:52 +00:00
sunset_test.go fix(api): preserve sunset response headers 2026-04-01 23:33:52 +00:00
swagger.go refactor(api): assert swagger spec interface 2026-04-02 13:12:08 +00:00
swagger_internal_test.go fix(api): snapshot swagger groups 2026-04-02 00:24:54 +00:00
swagger_test.go fix(api): redirect swagger base path 2026-04-02 07:44:55 +00:00
timeout_test.go fix(api): disable non-positive timeouts 2026-04-01 13:12:51 +00:00
tracing.go fix(api): add tracing AX examples 2026-04-02 14:29:59 +00:00
tracing_test.go chore: migrate to dappco.re vanity import path 2026-03-21 23:50:37 +00:00
transport.go fix(api): surface GraphQL playground metadata 2026-04-03 04:38:22 +00:00
websocket.go feat(api): add configurable websocket path 2026-04-02 03:21:28 +00:00
websocket_test.go fix(api): preserve streaming response passthrough 2026-04-02 06:04:06 +00:00