| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
- Add missing 'developer' case to check_custom_feed_limit trigger (was falling through to else 1)
- Scope user_entry_states join to authenticated user in /api/v1/entries (admin client bypasses RLS)
- Replace in-memory rate limiting with Supabase-backed solution (UNLOGGED table + check_rate_limit RPC + pg_cron cleanup)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Webhook entry identifier: use entry GUID instead of feed identifier
- Optimistic rollback: add previousTimeline snapshot and onError handler
to both useToggleEntryReadState and useToggleEntrySavedState
- Rate limiter memory leak: delete Map entries when window expires,
use else-if to avoid re-setting after delete
- Entries API limit param: use Number.isFinite guard instead of falsy
coercion that treats 0 as default
- PWA manifest: add PNG raster icon routes (192x192, 512x512) for
devices that don't support SVG icons
- Billing webhook: throw on DB errors and return 500 so Stripe retries
failed events instead of silently losing them
|
| |
|
|
|
|
| |
Rename API key prefix from asn_ to asa_, fix key revoke by aligning
response property names with frontend interface, and add server/client
validation to prevent enabling webhooks without a URL.
|
| |
|
|
|
|
|
|
| |
Comprehensive sweep of all user-facing text to enforce lowercase
convention, including acronyms (api, rest, http, opml, json, totp,
mfa, qr, hmac). Added asa-lowercase/lowercase-strings eslint rule
that reports uppercase in notify() calls, error messages, jsx text,
and checked attributes (placeholder, alt, title).
|
|
|
Full-stack RSS reader SaaS: Supabase + Next.js + Go worker.
Includes three subscription tiers (free/pro/developer), API key auth,
read-only REST API, webhook push notifications, Stripe billing with
proration, and PWA support.
|