6 Commits

Author	SHA1	Message	Date
Dr.Lt.Data	ef8703a3d7	security(api): add path traversal and CRLF injection protection ... - Add is_safe_path_target() and get_safe_file_path() utilities - Validate history id and snapshot target parameters in API endpoints - Sanitize config string values to prevent CRLF injection	2026-01-08 18:35:03 +09:00
Dr.Lt.Data	43041cebed	modified: Do not modify generated_models.py directly; use openapi.yaml instead.	2025-06-28 07:54:17 +09:00
Dr.Lt.Data	002e549a86	modified: security policy ... - Strengthened the default security policy - Subdivided the risky levels high and middle into high+, high, middle+, and middle - Added support for personal_cloud network mode - Updated README.md fixed: invalid security message fixed: legacy - crash when security policy violation occurred modified: default 'use_uv' is now True	2025-06-27 01:38:38 +09:00
bymyself	14298b0859	[fix] Remove unused imports to fix linting errors	2025-06-17 13:08:52 -07:00
bymyself	7f1ebbe081	[cleanup] Remove completed TODO comments and fix ruff issues ... - Removed completed TODO comments about code quality checks and client_id handling - Updated comments to reflect implemented features - Fixed ruff linting errors: - Removed duplicate constant definitions - Added missing locale import - Fixed unused imports - Moved is_local_mode logic to security_utils module - Added model_dir_name_map import to model_utils All ruff checks now pass successfully.	2025-06-13 19:37:57 -07:00
bymyself	601f1bf452	[feat] Add client_id support to task queue system ... - Add client_id field to QueueTaskItem and TaskHistoryItem models - Implement client-specific WebSocket message routing - Add client filtering to queue status and history endpoints - Follow ComfyUI patterns for session management - Create data_models package for better code organization	2025-06-13 19:33:05 -07:00