cm_whatsapp_bot_v1

Author	SHA1	Message	Date
yiekheng	b29d137c84	feat: production hardening — robots, allowedOrigins, container non-root, rate limits, CLI bootstrap robots.ts + metadata.robots blocks indexing. serverActions.allowedOrigins gates cross-origin Server Action posts. Bot + web Dockerfiles add a non-root 'app' user (uid 1000) with chmod 700 on /data/sessions. sendTestAction grows a per-group rate limit (3/60s). resumeReminderRunAction + cancelReminderRunAction get a per-IP rate limit (30/10s). .env.example documents every required key. packages/db/src/scripts/{set-password,create-user}.ts + thin shell wrappers in scripts/ — first admin sets their password via ./scripts/set-password.sh admin before signing in.	2026-05-10 18:05:34 +08:00
yiekheng	3c3b5165b8	feat(scripts): add db.sh wrapper and stubs for plans 2/4	2026-05-09 15:43:01 +08:00
yiekheng	f1831b8a56	chore: add gen_auth_secret + bootstrap env files	2026-05-09 15:12:09 +08:00
yiekheng	30168ad793	feat(scripts): add dev.sh with exec/pnpm/shell subcommands	2026-05-09 15:11:02 +08:00