Salastil/odysseus
1
0
Fork 0
mirror of https://github.com/pewdiepie-archdaemon/odysseus.git synced 2026-06-16 09:45:24 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
57646300a41d1519e8208cba297d5eee80bd3cfc
odysseus/routes
T
History
Syed Ali Rizvi 57646300a4 fix(security): encrypt CardDAV password at rest in settings.json (#1741) 
* fix(security): encrypt CardDAV password at rest in settings.json

CardDAV password was stored in plaintext in data/settings.json, while
other secrets (email, CalDAV) are encrypted using src.secret_storage.

On read (_get_carddav_config): decrypt the password via decrypt().
On write (update_config): encrypt the password via encrypt() before
saving to settings.json.

decrypt() is a no-op on plaintext, so existing deployments upgrade
transparently on the first read after the next config save.

* test: add coverage for CardDAV password encryption

Nine tests covering:
- encrypt-on-save and decrypt-on-read round-trip
- encrypted value is stored with enc: prefix (plaintext absent from file)
- legacy plaintext passthrough
- CARDDAV_PASSWORD env var passthrough (not decrypted)
- empty password / no settings file
- double-save does not corrupt
- encrypt() idempotent on already-encrypted value
2026-06-15 15:58:14 +09:00
..
__init__.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
_validators.py
fix(hwfit): validate remote SSH detection targets (#3718)
2026-06-11 00:43:49 +02:00
admin_wipe_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
api_token_routes.py
fix(tokens): owner check on update and delete routes (#3899)
2026-06-11 15:34:44 +02:00
assistant_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
auth_routes.py
fix(uploads): migrate upload ownership on rename (#3617)
2026-06-11 16:01:04 +02:00
backup_routes.py
fix: backup import dropping a user's skill on cross-tenant title/id collision (#2057)
2026-06-09 08:04:22 +02:00
calendar_routes.py
fix(calanders): Removed/merged duplicate calender delete endpoints (#3682)
2026-06-09 22:35:55 +02:00
chat_helpers.py
fix(utility): use utility model for background tasks (auto-title, memory audit) instead of chat model (#4027)
2026-06-15 15:33:19 +09:00
chat_routes.py
fix(agent): honor explicit web search requests
2026-06-15 15:02:10 +09:00
chatgpt_subscription_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
cleanup_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
codex_routes.py
fix(codex): validate stored SSH host and port
2026-06-15 15:01:03 +09:00
compare_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
contacts_routes.py
fix(security): encrypt CardDAV password at rest in settings.json (#1741)
2026-06-15 15:58:14 +09:00
cookbook_helpers.py
fix(cookbook): diagnose sglang native deps (#4112)
2026-06-15 15:14:37 +09:00
cookbook_output.py
fix(cookbook): report dead finished downloads as completed instead of stopped (#4025)
2026-06-15 15:26:55 +09:00
cookbook_routes.py
fix(cookbook): point HF token hint at Cookbook -> Settings, not Settings -> Cookbook (#3864)
2026-06-15 15:38:08 +09:00
copilot_routes.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
device_flow.py
feat: add ChatGPT Subscription provider (#2876)
2026-06-08 10:19:18 +02:00
diagnostics_routes.py
feat(diagnostics): add consolidated service health endpoint for degraded-state reporting (#964)
2026-06-09 16:00:24 +01:00
document_helpers.py
fix: _resolve_user_upload_path crashes on a non-dict resolve_upload result (#1715)
2026-06-03 13:34:33 +09:00
document_routes.py
refactor(tools): extract document tools to handle registry (#3666)
2026-06-10 10:41:52 +02:00
editor_draft_routes.py
Ignore invalid editor draft payloads (#1533)
2026-06-03 14:07:03 +09:00
email_helpers.py
fix(email): scope learned sender signatures by owner (#3724)
2026-06-11 13:26:59 +02:00
email_pollers.py
fix: quote IMAP mailbox arguments (#2170)
2026-06-05 16:00:20 +02:00
email_routes.py
perf(email): run blocking IMAP routes in threadpool
2026-06-15 14:54:13 +09:00
embedding_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
emoji_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
font_routes.py
Keep compact font family names together (#1263)
2026-06-03 14:24:30 +09:00
gallery_helpers.py
fix(gallery): fail closed for null-user owner scope (#3613)
2026-06-09 20:20:21 +02:00
gallery_routes.py
fix(image): patch realesrgan torchvision compatibility (#4110)
2026-06-15 15:16:41 +09:00
history_routes.py
fix(sessions): copy message metadata when forking a session (#3409)
2026-06-08 20:49:15 +02:00
hwfit_routes.py
fix(hwfit): tolerate non-numeric gpu_count in /api/hwfit/models (#3639)
2026-06-11 01:01:58 +02:00
mcp_routes.py
fix(mcp): share oauth redirect URI (#4087)
2026-06-15 15:15:53 +09:00
memory_routes.py
fix(utility): use utility model for background tasks (auto-title, memory audit) instead of chat model (#4027)
2026-06-15 15:33:19 +09:00
model_routes.py
fix(kimi): resolve Kimi Code API 403 errors and User-Agent restrictions (#3549)
2026-06-15 15:56:54 +09:00
note_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
personal_routes.py
fix(personal): confine remove_directory_from_rag to PERSONAL_DIR
2026-06-15 15:00:35 +09:00
prefs_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
preset_routes.py
fix(presets): scope expand-prompt model resolution to owner (#3477)
2026-06-08 21:12:02 +02:00
research_routes.py
fix(endpoint): scope secondary endpoint lookups by owner
2026-06-08 11:51:55 +01:00
search_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
session_routes.py
fix(sessions): use owner_filter for list_sessions queries when auth disabled (#3622)
2026-06-10 17:07:07 +02:00
shell_routes.py
fix(cookbook): allow local Windows Diffusers serving (#4077)
2026-06-15 15:21:01 +09:00
signature_routes.py
Constrain signature uploads to PNG data (#2844)
2026-06-05 13:17:43 +02:00
skills_routes.py
fix(presets): scope expand-prompt model resolution to owner (#3477)
2026-06-08 21:12:02 +02:00
stt_routes.py
refactor(uploads): centralize upload byte-limits in upload_limits.py (#3364) (#3518)
2026-06-09 01:24:30 +02:00
task_routes.py
Merge branch 'dev'
2026-06-09 09:36:01 +09:00
tts_routes.py
Odysseus v1.0
2026-05-31 23:58:26 +09:00
upload_routes.py
Scope vision model resolution by owner (#3009)
2026-06-07 12:39:02 +02:00
vault_routes.py
refactor(constants): single source of truth for data dir (#3368)
2026-06-08 09:58:52 +02:00
webhook_routes.py
fix(kimi): resolve Kimi Code API 403 errors and User-Agent restrictions (#3549)
2026-06-15 15:56:54 +09:00
workspace_routes.py
feat(agent): confine agent file/shell tools to a selectable workspace (#3665)
2026-06-11 18:17:54 +02:00