103d454e14
Without this guard any client could send X-Forwarded-For: <spoofed-ip> and bypass per-IP rate limiting entirely. Also switches expireAfterWrite → expireAfterAccess so the 1-minute window starts at first request, not last, and fixes the .gitignore entry that accidentally merged **/test-results/ and .worktrees/ into one broken pattern. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
16 lines
181 B
Plaintext
16 lines
181 B
Plaintext
# Runtime data (Docker volumes)
|
|
data/
|
|
import-data/
|
|
import/
|
|
gitea/
|
|
|
|
# Secrets
|
|
.env
|
|
|
|
# Dev scripts / DB dumps
|
|
scripts/large-data.sql
|
|
|
|
.vitest-attachments
|
|
**/test-results/
|
|
.worktrees/
|