Lucas Smith 653ab3678a feat: better ratelimiting (#2520) ... Replace hono-rate-limiter with a Prisma/PostgreSQL bucketed counter approach that works correctly across multiple instances without sticky sessions. - Add RateLimit model with composite PK (key, action, bucket) and atomic upsert - Create rate limit factory with window parsing, bucket computation, and fail-open - Define auth-tier and API-tier rate limit instances - Add Hono middleware, rateLimitResponse helper, and tRPC assertRateLimit helper - Wire rate limit headers through AppError constructor (was declared but never assigned) - Apply rate limits to auth routes (email-password, passkey), tRPC routes (2FA email, link org account), API routes, and file upload endpoints - Add cleanup cron job for expired rate limit rows (batched delete every 15 min) - Remove hono-rate-limiter dependency		2026-02-20 12:23:02 +11:00
..
client	chore: dependency updates (#2229)	2025-11-22 20:28:20 +11:00
server	feat: better ratelimiting (#2520)	2026-02-20 12:23:02 +11:00
index.ts	feat: sign out of all sessions (#1797)	2025-06-11 17:57:38 +10:00
package.json	fix: security CVE-2026-22817 CVE-2026-22818 (#2390)	2026-01-15 18:27:04 +11:00
tsconfig.json	feat: migrate nextjs to rr7	2025-02-13 14:10:38 +11:00