Fix review findings: offline assets, security, audit logging

Browse Source

- Bundle Bootstrap CSS/JS/icons locally for air-gapped operation
- Add path traversal validation on image import source
- Disable Flask debug mode in production
- Fix file handle leaks, remove unused import
- Add python3-pip, python3-venv, p7zip-full to offline packages
- Add pip wheel download/bundling for offline Flask install
- Change UFW default policy from allow to deny
- Fix wrong path displayed in unattend editor template
- Dynamic sidebar image lists from all_image_types
- Add audit logging for all write operations
- Audit log viewer page with activity history

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

...

This commit is contained in:

cproudlock

2026-02-06 16:50:20 -05:00

parent ef7583920b

commit 92c9b0f762

13 changed files with 187 additions and 37 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

webapp/static/fonts/bootstrap-icons.woff Normal file

Binary file not shown.

BIN

webapp/static/fonts/bootstrap-icons.woff2 Normal file

Binary file not shown.