Replaces fixed-interval polling with a priority queue scheduler that adjusts
check frequency based on activity recency (15min for active projects, up to
24hr for stale ones). Includes exponential backoff on errors and staggered
initial checks to prevent API rate limit issues.
- Add project_media table with image/video variants, ordering, and metadata
- Implement multipart upload handlers with 50MB limit
- Generate blurhash placeholders and resize images to thumb/medium/full variants
- Update ProjectCard to use media carousel instead of mock gradients
- Add MediaManager component for drag-drop upload and reordering
Implements in-memory caching for SSR pages using moka with:
- Configurable fresh/stale TTLs (60s/300s defaults)
- Background refresh for stale entries
- Cache invalidation on project/tag mutations
- Pre-cached icon collections on startup
- Skips cache for authenticated requests
Extract reqwest client creation into dedicated HttpClient abstraction that handles both TCP and Unix socket connections transparently. Simplifies proxy logic by removing duplicate URL construction and client selection throughout the codebase.
- Add admin user management with Argon2 password hashing
- Implement session management with ULID-based tokens and 7-day expiry
- Add authentication middleware for protected routes and API endpoints
- Forward validated session to SvelteKit via trusted X-Session-User header
- Refactor admin panel to use server-side authentication checks
- Add SQLx with Postgres support and migration system
- Create projects table with status enum and auto-updated timestamps
- Implement database queries and API response conversion layer
- Add Justfile commands for database management and seeding
- Integrate health checks for both Bun and database connectivity
Implements slow-drip response handler for known bot paths (wp-admin, phpmyadmin, etc.) to waste attacker resources. Includes per-IP and global connection limits, configurable delays, and random chunking. Also applies clippy lint fixes across codebase.
- Implement health check system with caching and singleflight pattern
- Add OG image generation via Satori with R2 storage backend
- Configure Railway deployment with health check endpoint
- Add connection pooling and Unix socket support for Bun SSR
- Block external access to internal routes (/internal/*)
- Validate Content-Type for API requests (application/json only)
- Add HEAD method handlers for all routes
- Add 1MB request body limit
- Improve method not allowed responses with Allow header
- Add include_dir for serving /_app static bundles from binary
- Add console-logger.js for structured JSON logs from Bun
- Fix API routing edge cases and add method restrictions
- Axum-based API server with Unix socket and TCP support
- Custom tracing formatters for Railway-compatible JSON logs
- SvelteKit hooks and Vite plugin for unified logging
- Justfile updated for concurrent dev workflow with hl log viewer
