recap-relay/server at da1bba2e6b0786ed0596cedd2ae385e511a6f205 - recap-relay - Gitea: Git with a cup of tea

grant/recap-relay

Files

T

History

Keysat da1bba2e6b Compare operator key in constant time

resolveIdentity and verifyOperatorKey compared the shared
relay_cloud_operator_key with ===/!==, which short-circuits on the first
differing byte — a timing oracle on a high-value key. Use a
timingSafeEqual-based constantTimeEqual, matching admin-auth.js.

2026-06-13 18:22:00 -05:00

..

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

Guard meeting :id against path traversal

2026-06-13 18:22:00 -05:00

Guard meeting :id against path traversal

2026-06-13 18:22:00 -05:00

admin-auth.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

audio-meta.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

audit-log.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

btcpay-client.js

Add self-serve billing: tiers, credits, BTCPay and Zaprite

2026-06-13 13:36:05 -05:00

chunk-buffer.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

chunked-analyze.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

config.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

credits.js

Fix credit-counter reset on early subscription renewal

2026-06-13 16:23:26 -05:00

hardware-config.js

Add Spark Control hardware backend (diarize, queue, discovery)

2026-06-13 13:36:04 -05:00

hardware-queue.js

Add Spark Control hardware backend (diarize, queue, discovery)

2026-06-13 13:36:04 -05:00

identity.js

Compare operator key in constant time

2026-06-13 18:22:00 -05:00

index.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

job-credits.js

Add self-serve billing: tiers, credits, BTCPay and Zaprite

2026-06-13 13:36:05 -05:00

job-stats.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

jobs.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

keysat-client.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

lan-fetch.js

Add Spark Control hardware backend (diarize, queue, discovery)

2026-06-13 13:36:04 -05:00

meeting-extras.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

meeting-speaker-edits.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

output-store.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

package-lock.json

Bump multer 1.4.5-lts.1 -> ^2.0.1 (DoS CVEs)

2026-06-13 16:23:26 -05:00

package.json

Bump multer 1.4.5-lts.1 -> ^2.0.1 (DoS CVEs)

2026-06-13 16:23:26 -05:00

post-cluster-polish.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

pricing.js

Add self-serve billing: tiers, credits, BTCPay and Zaprite

2026-06-13 13:36:05 -05:00

safe-url.js

Block SSRF on media_url downloads (transcribe-url/summarize-url)

2026-06-13 16:23:26 -05:00

sanitize-error.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

spark-control-events.js

Add Spark Control hardware backend (diarize, queue, discovery)

2026-06-13 13:36:04 -05:00

spark-control.js

Add Spark Control hardware backend (diarize, queue, discovery)

2026-06-13 13:36:04 -05:00

speaker-clustering.js

Add internal-meetings pipeline and post-hoc speaker tools

2026-06-13 13:35:53 -05:00

youtube-captions.js

Wire new routes; identity, summarize-url, dashboard, admin

2026-06-13 13:36:30 -05:00

zaprite-client.js

Add self-serve billing: tiers, credits, BTCPay and Zaprite

2026-06-13 13:36:05 -05:00