mcp-outline-postgresql

ealmeida/mcp-outline-postgresql

Fork 0

Commit Graph

Author	SHA1	Message	Date
Emanuel Almeida	0329a1179a	fix: corrigir bugs críticos de segurança e memory leaks (v1.2.4) - fix(pagination): SQL injection em cursor pagination - validação de nomes de campos - fix(transaction): substituir Math.random() por crypto.randomBytes() para jitter - fix(monitoring): memory leak - adicionar .unref() ao setInterval - docs: adicionar relatório completo de bugs (BUG-REPORT-2026-01-31.md) - chore: actualizar versão para 1.2.4	2026-01-31 16:09:25 +00:00
Emanuel Almeida	7c83a9e168	fix(security): Resolve 21 SQL injection vulnerabilities and add transactions Security fixes (v1.2.2): - Fix SQL injection in analytics.ts (16 occurrences) - Fix SQL injection in advanced-search.ts (1 occurrence) - Fix SQL injection in search-queries.ts (1 occurrence) - Add validateDaysInterval(), isValidISODate(), validatePeriod() to security.ts - Use make_interval(days => N) for safe PostgreSQL intervals - Validate UUIDs BEFORE string construction Transaction support: - bulk-operations.ts: 6 atomic operations with withTransaction() - desk-sync.ts: 2 operations with transactions - export-import.ts: 1 operation with transaction Rate limiting: - Add automatic cleanup of expired entries (every 5 minutes) Audit: - Archive previous audit docs to docs/audits/2026-01-31-v1.2.1/ - Create new AUDIT-REQUEST.md for v1.2.2 verification Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-31 14:47:41 +00:00
Emanuel Almeida	7895f31394	feat: Add export/import and Desk CRM sync tools (164 total) New modules: - export-import.ts (2 tools): export_collection_to_markdown, import_markdown_folder - desk-sync.ts (2 tools): create_desk_project_doc, link_desk_task Updated: - CHANGELOG.md: Version 1.2.1 - CLAUDE.md: Updated to 164 tools across 33 modules - CONTINUE.md: Updated state documentation - AUDIT-REQUEST.md: Updated metrics and file list Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-31 14:24:05 +00:00

Author

SHA1

Message

Date

Emanuel Almeida

0329a1179a

fix: corrigir bugs críticos de segurança e memory leaks (v1.2.4)

- fix(pagination): SQL injection em cursor pagination - validação de nomes de campos
- fix(transaction): substituir Math.random() por crypto.randomBytes() para jitter
- fix(monitoring): memory leak - adicionar .unref() ao setInterval
- docs: adicionar relatório completo de bugs (BUG-REPORT-2026-01-31.md)
- chore: actualizar versão para 1.2.4

2026-01-31 16:09:25 +00:00

Emanuel Almeida

7c83a9e168

fix(security): Resolve 21 SQL injection vulnerabilities and add transactions

Security fixes (v1.2.2):
- Fix SQL injection in analytics.ts (16 occurrences)
- Fix SQL injection in advanced-search.ts (1 occurrence)
- Fix SQL injection in search-queries.ts (1 occurrence)
- Add validateDaysInterval(), isValidISODate(), validatePeriod() to security.ts
- Use make_interval(days => N) for safe PostgreSQL intervals
- Validate UUIDs BEFORE string construction

Transaction support:
- bulk-operations.ts: 6 atomic operations with withTransaction()
- desk-sync.ts: 2 operations with transactions
- export-import.ts: 1 operation with transaction

Rate limiting:
- Add automatic cleanup of expired entries (every 5 minutes)

Audit:
- Archive previous audit docs to docs/audits/2026-01-31-v1.2.1/
- Create new AUDIT-REQUEST.md for v1.2.2 verification

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-31 14:47:41 +00:00

Emanuel Almeida

7895f31394

feat: Add export/import and Desk CRM sync tools (164 total)

New modules:
- export-import.ts (2 tools): export_collection_to_markdown, import_markdown_folder
- desk-sync.ts (2 tools): create_desk_project_doc, link_desk_task

Updated:
- CHANGELOG.md: Version 1.2.1
- CLAUDE.md: Updated to 164 tools across 33 modules
- CONTINUE.md: Updated state documentation
- AUDIT-REQUEST.md: Updated metrics and file list

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-31 14:24:05 +00:00

3 Commits