fix: harden Railway relay auth, caching, and proxy routing#320
Merged
Conversation
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
6 tasks
koala73
added a commit
that referenced
this pull request
Feb 24, 2026
## What's Changed ### Performance - perf: defer YouTube/map init and stagger data loads to reduce blocking time (#287) ### Features - feat: universal country detection — CII scoring for all countries (#344) - feat: add Mexico as CII hotspot for cartel/security monitoring (#327) - feat: add Mexico and LatAm security feeds for instability coverage (#325) - feat: add category pills and search filter to Panels tab (#322) - feat: consolidate settings into unified tabbed modal (#319) - feat: add Island Times (Palau) RSS feed (#317) - feat: add AI Flow settings popup for web-only AI provider control (#314) - feat: optional channels with tab-based region browse UI (#295) - feat: custom channel management (#282) - feat: add Bild RSS feed scoped to German locale (#312) ### Bug Fixes - fix: suppress notification sound when popup alerts are disabled - fix: prevent entity conflation in pane summarization (#341) - fix: add Mexico to COUNTRY_BOUNDS and COUNTRY_ALIASES (#338) - fix: make OpenSky cache TTLs env-configurable (#333) - fix: serialize OpenSky requests with global 429 cooldown (#332) - fix: replace RSSHub feeds with native/Google News alternatives (#331) - fix: OpenSky auth resilience — retry, IPv4, no negative cache on auth fail (#329) - fix: add CARTO and OpenStreetMap attribution to map (#323) - fix: add drag cleanup handlers and suppress click after drag-drop (#315) - fix: replace HTML5 drag API with mouse events for WKWebView (#313) - fix: open channel settings as inline modal instead of separate window (#311) - fix: sync YouTube live panel mute state with native player controls (#285) - fix: strip Ollama reasoning tokens from summaries (#299) - fix: open external links in system browser on Tauri desktop (#297) - fix: add User-Agent and Cloudflare 403 detection to secret validation (#296) - fix: infra cost optimizations round 2 (#275) - fix: enforce military bbox filtering (#284) - fix: infrastructure cost optimizations across caching, polling, batching (#283) - fix: circuit breaker persistent cache with safety fixes (#281) - fix: immediately refresh stale services when tab regains focus (#277) ### Security - Security hardening: SSRF protection, auth gating, and token generation (#343) - Harden Railway relay auth, caching, and proxy routing (#320) - Build/runtime hardening and dependency security updates (#286) - fix: harden embed postMessage origin check (#302)
koala73
added a commit
that referenced
this pull request
Feb 25, 2026
## What's Changed ### Performance - perf: defer YouTube/map init and stagger data loads (#287) ### Features - feat: universal country detection — CII scoring for all countries (#344) - feat: add Mexico as CII hotspot (#327) - feat: add Mexico and LatAm security feeds (#325) - feat: add category pills and search filter to Panels tab (#322) - feat: consolidate settings into unified tabbed modal (#319) - feat: optional channels with tab-based region browse UI (#295) - feat: custom channel management (#282) ### Bug Fixes - fix: suppress notification sound when popup alerts are disabled - fix: prevent entity conflation in pane summarization (#341) - fix: add Mexico to COUNTRY_BOUNDS and COUNTRY_ALIASES (#338) - fix: OpenSky cache TTLs, serialization, and auth resilience (#329-#333) - fix: replace RSSHub feeds with native/Google News alternatives (#331) - fix: replace HTML5 drag API with mouse events for WKWebView (#313) - fix: sync YouTube mute state with native player controls (#285) - fix: strip Ollama reasoning tokens from summaries (#299) - fix: infra cost optimizations (#275, #283) - fix: circuit breaker persistent cache (#281) - fix: immediately refresh stale services on tab focus (#277) ### Security - Security hardening: SSRF protection, auth gating, token generation (#343) - Harden Railway relay auth, caching, and proxy routing (#320) - Build/runtime hardening and dependency security updates (#286)
koala73
added a commit
that referenced
this pull request
Feb 25, 2026
…346) * fix: suppress notification sound when popup alerts are disabled Badge playSound() was firing on new findings regardless of the "Pop up new alerts" toggle. Gate sound on popupEnabled so both the modal and audio respect the user preference. * chore: bump version to 2.5.7 with changelog ## What's Changed ### Performance - perf: defer YouTube/map init and stagger data loads (#287) ### Features - feat: universal country detection — CII scoring for all countries (#344) - feat: add Mexico as CII hotspot (#327) - feat: add Mexico and LatAm security feeds (#325) - feat: add category pills and search filter to Panels tab (#322) - feat: consolidate settings into unified tabbed modal (#319) - feat: optional channels with tab-based region browse UI (#295) - feat: custom channel management (#282) ### Bug Fixes - fix: suppress notification sound when popup alerts are disabled - fix: prevent entity conflation in pane summarization (#341) - fix: add Mexico to COUNTRY_BOUNDS and COUNTRY_ALIASES (#338) - fix: OpenSky cache TTLs, serialization, and auth resilience (#329-#333) - fix: replace RSSHub feeds with native/Google News alternatives (#331) - fix: replace HTML5 drag API with mouse events for WKWebView (#313) - fix: sync YouTube mute state with native player controls (#285) - fix: strip Ollama reasoning tokens from summaries (#299) - fix: infra cost optimizations (#275, #283) - fix: circuit breaker persistent cache (#281) - fix: immediately refresh stale services on tab focus (#277) ### Security - Security hardening: SSRF protection, auth gating, token generation (#343) - Harden Railway relay auth, caching, and proxy routing (#320) - Build/runtime hardening and dependency security updates (#286)
andreteow
pushed a commit
to andreteow/worldmonitor-a47
that referenced
this pull request
Feb 25, 2026
andreteow
pushed a commit
to andreteow/worldmonitor-a47
that referenced
this pull request
Feb 25, 2026
…oala73#346) * fix: suppress notification sound when popup alerts are disabled Badge playSound() was firing on new findings regardless of the "Pop up new alerts" toggle. Gate sound on popupEnabled so both the modal and audio respect the user preference. * chore: bump version to 2.5.7 with changelog ## What's Changed ### Performance - perf: defer YouTube/map init and stagger data loads (koala73#287) ### Features - feat: universal country detection — CII scoring for all countries (koala73#344) - feat: add Mexico as CII hotspot (koala73#327) - feat: add Mexico and LatAm security feeds (koala73#325) - feat: add category pills and search filter to Panels tab (koala73#322) - feat: consolidate settings into unified tabbed modal (koala73#319) - feat: optional channels with tab-based region browse UI (koala73#295) - feat: custom channel management (koala73#282) ### Bug Fixes - fix: suppress notification sound when popup alerts are disabled - fix: prevent entity conflation in pane summarization (koala73#341) - fix: add Mexico to COUNTRY_BOUNDS and COUNTRY_ALIASES (koala73#338) - fix: OpenSky cache TTLs, serialization, and auth resilience (koala73#329-koala73#333) - fix: replace RSSHub feeds with native/Google News alternatives (koala73#331) - fix: replace HTML5 drag API with mouse events for WKWebView (koala73#313) - fix: sync YouTube mute state with native player controls (koala73#285) - fix: strip Ollama reasoning tokens from summaries (koala73#299) - fix: infra cost optimizations (koala73#275, koala73#283) - fix: circuit breaker persistent cache (koala73#281) - fix: immediately refresh stale services on tab focus (koala73#277) ### Security - Security hardening: SSRF protection, auth gating, token generation (koala73#343) - Harden Railway relay auth, caching, and proxy routing (koala73#320) - Build/runtime hardening and dependency security updates (koala73#286)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
scripts/ais-relay.cjs) with improved auth, caching, backpressure, and routing logicapi/ais-snapshot.js,api/opensky.js,api/polymarket.jsapi/rss-proxy.jswith expanded allowed domains and error handlingget-vessel-snapshot,get-theater-posture,list-military-flights) with relay-aware routingdocs/RELAY_PARAMETERS.mddocumenting relay configuration.env.exampleTest plan
/api/ais-snapshot,/api/opensky,/api/polymarket) return data