Dan Milne dkam

0 Followers · 0 Following

• Joined on 2024-09-26

Repositories

13

Projects Packages Public Activity Starred Repositories

dkam pushed to main at dkam/clinch 2025-12-30 23:35:37 +00:00

9530c8284f Version bump

bb5aa2e6d6 Add rails encryption for totp - allow configuration of encryption secrets from env, or derive them from SECRET_KEY_BASE. Don't leak email address via web_authn, rate limit web_authn, escape oidc state value, require password for changing email address, allow settings the hmac secret for token prefix generation

cc7beba9de PKCE is now default enabled. You can now create public / no-secret apps OIDC apps

00eca6d8b2 Default deny forward_auth requests

Compare 4 commits »

dkam pushed to main at dkam/clinch 2025-12-30 00:58:38 +00:00

32235f9647 version bump

dkam pushed to main at dkam/clinch 2025-12-30 00:58:18 +00:00

71d59e7367 Remove plain text token from everywhere

99c3ac905f Add a token prefix column, generate the token_prefix and the token_digest, removing the plaintext token from use.

Compare 2 commits »

dkam pushed to main at dkam/clinch 2025-12-29 13:18:26 +00:00

0761c424c1 Fix tests. Remove tests which test rails functionality

2a32d75895 Fix tests - don't test standard rails features

Compare 2 commits »

dkam pushed to main at dkam/clinch 2025-12-29 08:22:17 +00:00

4c1df53fd5 Fix more tests

acab15ce30 Fix more tests

Compare 2 commits »

dkam pushed to main at dkam/clinch 2025-12-29 04:37:19 +00:00

0361bfe470 Fix forward_auth bugs - including disabled apps still working. Fix forward_auth tests

5b9d15584a Add more rate limiting, and more restrictive headers

Compare 2 commits »

dkam pushed to main at dkam/clinch 2025-12-29 02:27:38 +00:00

898fd69a5d Add permissions initializer and missing image paste controller

9cf01f7c7a Bump versoin

Compare 2 commits »

dkam pushed to main at dkam/clinch 2025-12-28 03:40:58 +00:00

ab362aabac Remove the rate limit for the forward auth system

283feea175 Update depenencies, bump versoin

Compare 2 commits »

dkam pushed to expand-geo at Baffle-WAF/baffle-hub 2025-12-27 00:56:26 +00:00

e53e782223 Find supernets, don't create them

dkam created pull request Baffle-WAF/baffle-hub#2 2025-12-25 01:06:28 +00:00

Expand geo ranges when possible

dkam pushed to expand-geo at Baffle-WAF/baffle-hub 2025-12-25 01:06:18 +00:00

108caf2fe6 Expand geo ranges when possible

dkam pushed to expand-geo at Baffle-WAF/baffle-hub 2025-12-25 01:04:59 +00:00

dkam created branch expand-geo in Baffle-WAF/baffle-hub 2025-12-25 01:04:59 +00:00

dkam pushed to main at Baffle-WAF/baffle-hub 2025-12-25 01:04:24 +00:00

225d970123 Update duckdb. use more duckdb. Fix the display of stats

a0ff0edb73 Update duckdb. use more duckdb

693851f664 Use only parquet files for events

Compare 3 commits »

dkam pushed to main at Baffle-WAF/baffle-hub 2025-12-02 03:01:51 +00:00

032243ba6a Smarter backfil

dkam pushed to main at Baffle-WAF/baffle-hub 2025-12-01 10:23:30 +00:00

1aa77066a1 Catch exceptions in the process waf job, use symbols for actions, Don't create a rule which matches a supernet rule.

dkam pushed to main at Baffle-WAF/baffle-hub 2025-12-01 08:54:53 +00:00

f0ad3b2c90 Two bug fixes

dkam pushed to main at Baffle-WAF/baffle-hub 2025-12-01 04:59:33 +00:00

54d9c3a0d9 Move version file, fix oidc, make jobs use envs

dkam pushed to main at dkam/clinch 2025-11-30 11:30:24 +00:00

7af8624bf8 Handle empty backchannel logout urls

dkam pushed to main at Baffle-WAF/baffle-hub 2025-11-30 02:31:22 +00:00

3eddfe9f7e Better version support

179563022e Drop add_headers - headers can now be added to meta[] to be applied for any action. Consilidate Tagging in a service

de2eb43e2b More use of tags - drop add_header action -> allow + headers+tags

Compare 3 commits »