fix: address code and security review findings for Phase 5

- Add nginx security headers (X-Frame-Options, X-Content-Type-Options, etc.)
- Fix postgres networking: add to app_network, comment out host port exposure
- Fix rate limit memory leak: add bounded eviction for stale thread entries
- Use immutable update pattern in rate limit check (no .append mutation)
- Extract _VERSION constant to avoid duplicate hardcoded version string
Yaojia Wang
2026-03-31 21:35:13 +02:00
parent 0e78e5b06b
commit d2b4610df9
4 changed files with 27 additions and 9 deletions


@@ -93,7 +93,9 @@ async def lifespan(app: FastAPI) -> AsyncGenerator[None, None]:
await pool.close()
app = FastAPI(title="Smart Support", version="0.5.0", lifespan=lifespan)
_VERSION = "0.5.0"
app = FastAPI(title="Smart Support", version=_VERSION, lifespan=lifespan)
app.include_router(openapi_router)
app.include_router(replay_router)
@@ -103,7 +105,7 @@ app.include_router(analytics_router)
@app.get("/api/health")
def health_check() -> dict:
"""Health check endpoint for load balancers and monitoring."""
return {"status": "ok", "version": "0.5.0"}
return {"status": "ok", "version": _VERSION}
@app.websocket("/ws")
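Review bot: `health_check` still returns the exact application version to any caller that can reach `/api/health`, and nothing in the visible lines restricts who that is. If the nginx configuration touched by this commit forwards that path to the public side (not visible here), an exact version string makes it easier to match the service against known issues. Consider returning only `{"status": "ok"}` on the probe used by load balancers and serving the version from an authenticated or internal-only route, or limiting the path at the proxy. Separately, `_VERSION` is assigned in the middle of the module, so a one-line comment such as `# Single source of truth for the version reported by FastAPI and /api/health` would tell the next maintainer where to bump it.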