remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
131 Commits 1 Branch 0 Tags
53f88b840a04b48676c85e1ad195515f68ff9c7a
Commit Graph

4 Commits

Author SHA1 Message Date
root 53f88b840a Modernize dependencies: replace abandoned packages, update versions 
- Replace flowframe/laravel-trend with direct Eloquent DB queries
- Replace srmklive/paypal (abandoned) with new PayPalService using PayPal REST API v2 via Guzzle
- Remove old config/paypal.php, migrate to config('habbo.paypal.*')
- Update blade templates to use habbo.paypal config
- Bump npm packages to latest: @inertiajs/react, axios, esbuild, eslint, sass, tailwindcss, etc.
- Run composer update and yarn upgrade
 2026-06-20 15:01:48 +02:00
root 2d8beaa531 chore: fix code style with Laravel Pint 2026-05-23 19:05:37 +02:00
root 7f59024bef fix(security): patch critical security vulnerabilities 
- Remove User::$guarded = [] to prevent mass assignment attacks
- Enable SQL strict mode and disable emulated prepares (SQL injection prevention)
- Switch password hashing from bcrypt to argon2id (stronger algorithm)
- Enable session encryption to protect session data at rest
- Restrict TrustProxies to localhost only (prevent IP spoofing)
- Restrict CORS allowed_methods via env variable instead of wildcard
- Add PayPal amount mismatch detection to prevent payment manipulation
- Add double-capture prevention (idempotency check)
- Add expected_amount column to transactions table for verification
 2026-05-19 19:37:15 +02:00
root 9d73f82529 Initial commit 2026-05-09 17:32:17 +02:00