mirrors/go-hauk
2
0
Fork 0
mirror of https://github.com/parkan/go-hauk.git synced 2026-06-22 19:27:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

add security disclaimer to readme

Browse Source
This commit is contained in:
Arkadiy Kukarkin
2026-05-28 14:07:21 +02:00
parent 69e02b0102
commit 558c54537e
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -58,6 +58,14 @@ see `config/config.go` for full list.
- adopt authorization: only share owner can adopt into groups (fixes CVE-like auth bypass in upstream) - adopt authorization: only share owner can adopt into groups (fixes CVE-like auth bypass in upstream)
- built-in rate limiting on auth and adopt endpoints (configurable, default 10 req/min/ip) - built-in rate limiting on auth and adopt endpoints (configurable, default 10 req/min/ip)
## disclaimer
this is a best-effort port of the upstream reference backend. the security
surface has been mitigated where practical, but no third-party audit has been
performed, and risks inherent in the upstream protocol (e.g. 6-digit group pins,
view links readable by anyone with the url) are carried forward. use at your own
discretion.
## compatibility ## compatibility
drop-in replacement for the php backend. works with the existing android app and web frontend. drop-in replacement for the php backend. works with the existing android app and web frontend.