-
Release Candidate 6 for v1.0.0
phil released this
2025-11-22 23:16:37 +01:00 | 2 commits to main since this releaseCRITICAL SECURITY FIX:
- Email authentication required EVERY login (not cached)
- Separated domain verification (DNS) from user authentication (email)
- New auth_sessions table for per-login state
- Codes hashed, 3 attempt limit, 10-min expiry
312 tests passing, 86.21% coverage
Downloads