Dan Milne dkam
  • Joined on 2024-09-26
dkam pushed to main at dkam/clinch 2026-06-28 13:10:56 +00:00
c85d25c4b9 Untrack SECURITY_REVIEW_TODO.md and gitignore it
dkam pushed to main at dkam/clinch 2026-06-21 08:29:44 +00:00
1b0d323572 Bump version to 0.16.3
dkam pushed to main at dkam/clinch 2026-06-21 08:09:33 +00:00
d1d626c540 Rework build workflow to trigger on version bump + manual dispatch
dkam pushed tag v0.16.2 to dkam/clinch 2026-06-21 05:46:00 +00:00
dkam pushed to main at dkam/clinch 2026-06-21 05:45:59 +00:00
782e197d91 Fix access check form: use GET so results render
020759bfb3 Fix invalid require-trusted-types-for CSP directive
85f50bfc96 Add GitHub Actions workflow to build and publish image to GHCR
dkam pushed to main at dkam/clinch 2026-06-21 03:57:44 +00:00
b55139eb1c Fix Sentry config to use Sentry.init API
dkam pushed to main at dkam/clinch 2026-06-21 03:54:10 +00:00
8f578ed3f4 Upgrade Ruby to 4.0.5
aa5736ddab Update gems and fix lint to clear CI failures
dkam pushed to main at dkam/clinch 2026-06-14 22:26:29 +00:00
49068aa344 Add tests
dkam pushed to main at dkam/clinch 2026-06-14 22:21:30 +00:00
07ea031b61 Remove hardcoded internal IP from production hosts allowlist
dkam pushed to main at dkam/clinch 2026-06-11 13:54:26 +00:00
209c5496d8 Fix asset precompile boot and bump version to 0.16.0
d49e7ce4f5 Move CSP to nonces; remove unsafe-inline from script-src and style-src
44892e3301 Make WebAuthn clone detection actually block, and fix false positives
24266872f9 Revoke access tokens too on refresh-token reuse detection
cd862c7cd7 Filter code params from logs (TOTP, backup, OAuth code, PKCE)
dkam pushed to main at dkam/clinch 2026-06-07 08:58:14 +00:00
2843790cef Apps index access column + summary + admin access checker
dkam pushed to main at dkam/clinch 2026-06-07 08:33:20 +00:00
0e9ec71013 Link the user show page from the admin users index
fe68f6e81e Use Tailwind dark: toggles for dark-mode icons
dkam pushed to main at dkam/clinch 2026-06-07 07:15:35 +00:00
c5ab7dc2a5 Compact icon uploader shared between light and dark icon fields
dkam pushed to main at dkam/clinch 2026-06-07 07:05:56 +00:00
bfad9c4e9d Generated monogram fallback + optional dark-mode icon per application
dkam pushed to main at dkam/clinch 2026-06-07 06:46:44 +00:00
5b41db2c6a Fix FileNotFoundError when uploading an SVG icon
dkam pushed to main at dkam/clinch 2026-06-07 06:26:05 +00:00
03dfdbd83a Default-deny access control with group flags and access enumeration
6b58b685c4 Bump version to 0.12.0
a399907dfd Allow assigning applications to a group from the group form
bbfb564e1c Show Clinch, Rails and Ruby versions in sidebar footer; bump to 0.11.0
dkam pushed to main at dkam/clinch 2026-05-26 12:20:22 +00:00
9663110938 Bump version to 0.10.2
0bca1d2bac Allow OAuth redirect_uri host in form-action CSP on sign-in pages
dkam pushed to main at dkam/clinch 2026-05-15 11:21:08 +00:00
bdb10d86fb Show OIDC env vars on application show page under a toggle
37e6e2cc19 Show copy-pasteable OIDC env vars after creating an app
9648b64043 Bump version to 0.10.1
a5eba9a5cd Update transitive gems
afa90303c8 Bump Rails from 8.1.2 to 8.1.3
dkam pushed to main at dkam/clinch 2026-05-02 13:41:58 +00:00
7d352654fd Fix broken password reset email templates
dkam pushed to main at dkam/clinch 2026-05-02 13:39:42 +00:00
e39721c7e6 Fix broken invitation email text template
5178cf3d81 Drop redundant MemoryStore internals peek from fa_token creation test
2d5650e620 Bind forward-auth fa_token to its destination host
7f0d3d3900 Tighten TOTP enrollment comments to explain the threat, not the change
b876e02c3a Hold TOTP enrollment secret server-side and email user on activation