| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2026-01-14 | docs: add defensive measures explanation | DanConwayDev | |
| Add comprehensive documentation explaining the defensive features implemented in ngit-grasp. The detailed analysis of other relay implementations is now preserved in commit history (e3792b9). | |||
| 2026-01-14 | Add explicit rate limits and total connection limit | DanConwayDev | |
| - Make RateLimit explicit in relay builder (500 subs, 60 events/min) - Add NGIT_MAX_CONNECTIONS config option (default: 500) - Update all 4 config locations (src, nix, docs, .env.example) - Fix documentation error: filter limit 5000→500 - Document Phase 2 deferral decision (per-IP enforcement) Addresses primary DoS vector (connection exhaustion) with minimal code. Per-IP rate limiting deferred until abuse detected in production. Related: issue ff38 (git endpoint throttling - separate concern) | |||