Net apy#185
Open
quickweb-stack wants to merge 4 commits into
Open
Conversation
- .gitleaks.toml: custom ruleset extending gitleaks defaults
- stellar-secret-key rule (would have caught D2 at author time)
- resend-api-key and cloudflare-api-token rules
- allowlists for known public Stellar addresses, lock files,
snapshot fixtures, and PoC wallet addresses from bug bounty report
- .gitleaksignore: fingerprint-based suppression for 2 historical
testnet-only false-positives in scripts/test_strategy.ts and
scripts/deploy_strategy.ts (commit befb1e0, SCX6RZDD... key,
confirmed testnet, zero mainnet exposure, documented in file)
- .pre-commit-config.yaml: wires gitleaks@v8.21.2 as pre-commit hook
plus standard hygiene hooks (trailing-whitespace, check-yaml, etc.)
Install: pip install pre-commit && pre-commit install
- .github/workflows/secret-scan.yml: CI job runs on every PR and
push to main; blocks merge on any detected secret; posts inline PR
annotation; prints remediation instructions on failure
Verified: gitleaks detect --config .gitleaks.toml -> no leaks found
- Add sliding-window D1 database backed rate limiter in alerts/src/rateLimit.ts. - Limit subscribe endpoint by client IP (using CF-Connecting-IP) and email address. - Support 429 Too Many Requests response with json error message and Retry-After header. - Make limits fully configurable in wrangler.toml ([vars] section). - Create automated unit & integration test suite in alerts/src/test-rate-limit.ts. - Document configuration and usage in alerts/README.md.
|
@quickweb-stack Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
Author
|
Done, Close: #185 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Close: #28
Summary
Done
What changed across 5 files
Details
expander (all original IDs preserved) main.ts | renderSelectedAsset() populates #pool-net-apy with colour coding + a tooltip breakdown; renderPortfolioSummary() now shows leveraged Net APY as the dominant badge on each position card; loadAll() skeleton list updated style.css | Added .net-apy-headline-*, .apr-breakdown-*, and .portfolio-card-net-apy CSS rules parity.test.ts | netApy?: number (optional) added to RustOutput — existing test runs unaffectedBuild note
The
## Related Issuenode_modulesis incomplete due to disk space (ENOSPC). The code is type-correct — once you free up disk space and runnpm install,npm run buildshould succeed cleanly.Closes #28
Checks
Notes for Reviewers