owain/MileVault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bdd5f80c7e972638e3ed9756754f48812c8fc6b4
MileVault/backend/app
T
History
owain bdd5f80c7e
Build and push images / validate (push) Successful in 3s
Details
Build and push images / build-backend (push) Successful in 6s
Details
Build and push images / build-worker (push) Successful in 4s
Details
Build and push images / build-frontend (push) Successful in 8s
Details
Harden auth/upload, fix PR-delete cascade and sync backfill 
- OIDC: require signed short-lived state on login callback; reject
  missing userinfo sub (account-takeover guard); validate token
  exchange + userinfo responses
- Upload: safe zip extraction (path-traversal + zip-bomb cap),
  streamed size-capped writes, sanitised filenames
- Garmin: increasing lookback resets last_sync_at for one-time backfill
- Activities: delete/reprocess remove PersonalRecord rows (no FK cascade)
- Profile: validate /weight limit; sync lookback UI copy
- Dashboard: sleep shading uses same day as charted body battery

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-09 20:24:24 +01:00
..
api
Harden auth/upload, fix PR-delete cascade and sync backfill
2026-06-09 20:24:24 +01:00
core
Cut Garmin sync API volume; dashboard/health/records/UI improvements
2026-06-09 11:52:52 +01:00
models
Cut Garmin sync API volume; dashboard/health/records/UI improvements
2026-06-09 11:52:52 +01:00
services
Cut Garmin sync API volume; dashboard/health/records/UI improvements
2026-06-09 11:52:52 +01:00
workers
Cut Garmin sync API volume; dashboard/health/records/UI improvements
2026-06-09 11:52:52 +01:00
__init__.py
Initial Commit
2026-06-06 13:23:33 +01:00
main.py
Batch 1: dashboard, maps, segments rewrite, health, sync UX
2026-06-08 19:59:06 +01:00