Avoids the well-known /login path that scanners hit by default.
The cm- prefix matches the rest of the project's namespacing
(cm-web-next, cm-api, etc.) and isn't on standard scanner wordlists.
Settings page moves to flat /cm-passkeys (was /settings/passkeys)
to drop the simple 'settings' word — same scanner-noise reasoning.
File paths follow: web/app/cm-auth/, web/app/cm-passkeys/.

Bundles three independent prod-side improvements: replace Flask dev
server with gunicorn (C1), drop api-server's host port (C5), fix the
HAL set_security_pin_api bool/dict contract bug + clean up stale
AGENTS.md note (C6). Appendix is a hand-over guide for the aaPanel
operator (C3 basic auth, C4 rate-limit + scanner deflection, C7 host
firewall) including a vhost for heng.04080616.xyz routing to the dev
PC. Auth path locked to G3 (basic auth + iOS/Android keychain).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Adds containerized MySQL to docker-compose.override.yml, gates
telegram/transfer bots behind a 'bots' profile, and introduces a local
Python bot CLI with a stdlib TUI menu that mirrors Telegram's /1, /2,
/3 plus operational subcommands. CLI runs from .venv against
127.0.0.1:3306 (mysql published to localhost only).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Documents the env-driven debug toggle that replaces the hardcoded
debug=True in cm_api.py and cm_web_view.py. Default off so the
Werkzeug debugger isn't reachable in rex/siong containers.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>