v1 readiness: CHANGELOG + threat model + first-run onboarding polish
CI / Test (store) (pull_request) Successful in 5s
CI / Test (rest) (pull_request) Successful in 9s
CI / Build (windows/amd64) (pull_request) Successful in 7s
CI / Build (linux/amd64) (pull_request) Successful in 7s
CI / Lint (pull_request) Successful in 19s
CI / Build (linux/arm64) (pull_request) Successful in 8s
e2e / Playwright vs docker-compose (pull_request) Failing after 1m35s
CI / Test (server-http) (pull_request) Successful in 2m37s
CI / Test (store) (pull_request) Successful in 5s
CI / Test (rest) (pull_request) Successful in 9s
CI / Build (windows/amd64) (pull_request) Successful in 7s
CI / Build (linux/amd64) (pull_request) Successful in 7s
CI / Lint (pull_request) Successful in 19s
CI / Build (linux/arm64) (pull_request) Successful in 8s
e2e / Playwright vs docker-compose (pull_request) Failing after 1m35s
CI / Test (server-http) (pull_request) Successful in 2m37s
- CHANGELOG.md: Keep-a-Changelog format, v1.0.0 entry summarising what each phase delivered. - docs/threat-model.md: structured walkthrough of assets, actors, attack surfaces and residual risks; reviewed against v1.0.0. - cmd/server/main.go: at first-run startup, print a clickable $RM_BASE_URL/bootstrap URL alongside the existing one-shot bootstrap token (or a fallback hint when RM_BASE_URL is unset). - web/templates/pages/bootstrap.html: visible "Minimum 12 characters" hint under the password field so the rule is communicated before the operator submits. - tasks.md: close X-01, X-04, X-05 with notes.
This commit is contained in:
@@ -36,6 +36,7 @@
|
||||
<label class="field-label" for="bs-pw">Password</label>
|
||||
<input id="bs-pw" name="password" type="password" class="field"
|
||||
required minlength="12" autocomplete="new-password" />
|
||||
<div class="field-help">Minimum 12 characters.</div>
|
||||
</div>
|
||||
<div>
|
||||
<label class="field-label" for="bs-pw2">Confirm password</label>
|
||||
|
||||
Reference in New Issue
Block a user