5 Commits

Author SHA1 Message Date
31cf845030 feat(scripts): real publish.sh — buildx push of bot + web images
Was a stub ('not yet implemented (see plan 4)'). Modeled directly on
cm_bot_v2/scripts/publish.sh:
  - Same registry prefix gitea.04080616.xyz/yiekheng.
  - Same NO_SUDO toggle + docker info + buildx preflight diagnostics.
  - Same auth path notes (docker login on the same effective user
    that runs the build).
  - Same buildx --push flow with CM_IMAGE_PLATFORMS / BUILD_ARGS
    overrides and tag from $1 / DOCKER_IMAGE_TAG (default latest).

This repo's services are bot + web (tools is dev-only and not
published). Resulting tags:
  gitea.04080616.xyz/yiekheng/cm-whatsapp-bot:<tag>
  gitea.04080616.xyz/yiekheng/cm-whatsapp-web:<tag>

Mark executable.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-10 22:02:13 +08:00
b29d137c84 feat: production hardening — robots, allowedOrigins, container non-root, rate limits, CLI bootstrap
robots.ts + metadata.robots blocks indexing.
serverActions.allowedOrigins gates cross-origin Server Action posts.
Bot + web Dockerfiles add a non-root 'app' user (uid 1000) with
chmod 700 on /data/sessions.
sendTestAction grows a per-group rate limit (3/60s).
resumeReminderRunAction + cancelReminderRunAction get a per-IP
rate limit (30/10s).
.env.example documents every required key.
packages/db/src/scripts/{set-password,create-user}.ts + thin shell
wrappers in scripts/ — first admin sets their password via
./scripts/set-password.sh admin before signing in.
2026-05-10 18:05:34 +08:00
3c3b5165b8 feat(scripts): add db.sh wrapper and stubs for plans 2/4
2026-05-09 15:43:01 +08:00
f1831b8a56 chore: add gen_auth_secret + bootstrap env files
2026-05-09 15:12:09 +08:00
30168ad793 feat(scripts): add dev.sh with exec/pnpm/shell subcommands
2026-05-09 15:11:02 +08:00