init
This commit is contained in:
parent 678ff5eb19
commit c59ad6cb70
28 README.md
@ -590,34 +590,6 @@ Bill Tracker intentionally separates full-system backups from user exports.
---
## Development Notes
When changing the app:
- Keep Profile as the user/account/data hub.
- Keep Settings focused on app-level preferences.
- Keep Admin tools admin-only.
- Keep user import/export separate from admin backup/restore.
- Do not expose admin backup tools to regular users.
- Keep user ownership checks on all object routes.
- Use existing Tailwind/shadcn/Radix patterns.
- Update `HISTORY.md` when behavior changes.
---
## Limitations
Known limitations:
- Admin backup encryption is not implemented.
- CSP is not fully implemented.
- authentik live flow requires testing against a real authentik instance.
- OIDC single logout is not implemented.
- Rate limiting uses in-memory storage, suitable for single-instance deployments.
- XLSX parsing remains a sensitive area and is mitigated through authentication, file limits, validation, and preview/apply flow.
---
## License
License: Not specified.
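Review bot: the deletion of the Limitations section (the lines from `## Limitations` through the XLSX parsing item) removes the only documented record of open security gaps, namely admin backup encryption not being implemented, CSP being incomplete, OIDC single logout missing, and rate limiting being in-memory only, while nothing in the hunk or in the `init` commit message indicates that any of these were resolved. If they still apply, keep the list in README.md or move it to a dedicated document and link it from here; if some were fixed, record that in `HISTORY.md`, which the removed Development Notes themselves required for behavior changes. The same concern applies to the removed access-control guidance `Keep user ownership checks on all object routes.` and `Do not expose admin backup tools to regular users.`, which contributors should still be able to find somewhere in the repository.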