Commit Graph

3 Commits

Author SHA1 Message Date
null 7c145bc8ca fix(security): Hudson remediation + batch 0.5.3 trust signals
- Clean up docker-entrypoint per Hudson review (issue #4):
  - Remove chmod 777 → chown nodejs:nodejs
  - Remove hardcoded su-exec, add root-detection logic
  - Entry point unused but now safe if re-enabled
- Batch 0.5.3: Trust signals section (Scarlett)
  - 8x8 Certified Partner card (cert #25432)
  - Veteran Owned card (VCERT #12847)
  - 25+ Years Experience metric
  - 99.99% uptime, <15m response, 24/7 support, 100% satisfaction
  - Mobile-first, B2B professional tone
2026-05-17 14:45:55 -05:00
null 7d476f36e8 fix(security): audit fixes #4 #6 #10 + hero rewrite (batch 0.5.2)
- #4: Replace su-exec with USER nodejs in Dockerfile (P0)
- #6: Add UNIQUE constraint on leads.email with migration (P1)
- #10: Consistent NULL handling for optional fields (P1)
- Hero section rewrite: B2B value proposition, prominent 8x8 badge
- Clean up .bak file left by agent
2026-05-17 14:44:34 -05:00
null 1f3e3864f9 feat: Docker batch 0.2.1 — production-ready containerization
- Multi-stage Dockerfile with non-root nodejs user
- Healthcheck using Node 20 built-in fetch (no wget)
- docker-entrypoint.sh: root permission fix, then exec to nodejs
- server/db.js: deferred SQLite init for Docker volume permissions
- docker-compose.yml with named volumes for persistence
- .dockerignore and .env.example added
- README updated with Docker usage section

Security reviewed by Private Hudson. All blockers resolved.
2026-05-12 01:57:55 -05:00