13 commits

Author	SHA1	Message	Date
OpenClaw Subagent	70eb6908e3	Document rate limit headers in OpenAPI spec ... - Add reusable header components (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, Retry-After) - Reference headers in 200 responses on all conversion and demo endpoints - Add Retry-After header to 429 responses - Update Rate Limits section in API description to mention response headers - Add comprehensive tests for header documentation (21 new tests) - All 809 tests passing	2026-03-18 11:06:22 +01:00
Hoid	6b1b3d584e	fix: OpenAPI spec accuracy — hide internal endpoints, mark signup/verify deprecated ... - Remove @openapi annotations from /v1/billing/webhook (Stripe-internal) - Remove @openapi annotations from /v1/billing/success (browser redirect) - Mark /v1/signup/verify as deprecated (returns 410) - Add 3 TDD tests in openapi-spec.test.ts - Update 2 existing tests in app-routes.test.ts - 530 tests passing (was 527)	2026-03-07 14:06:12 +01:00
OpenClaw	8b31d11e74	docs: add missing OpenAPI annotations for signup/verify, billing/success, billing/webhook	2026-02-27 16:04:55 +00:00
DocFast Bot	45b5be248c	docs: remove free tier, update rate limits and auth for demo+pro model ... - Remove free tier from rate limits, add Demo (5/hour, watermarked) - Update auth section: remove free-tier key mention, link to docfast.dev - Update getting started: demo → upgrade to Pro → use API key - Add deprecated: true to /v1/signup/free swagger annotation - Regenerate openapi.json	2026-02-20 19:10:25 +00:00
OpenClaw	825c6562ba	feat: wire up swagger-jsdoc dynamic spec, delete static openapi.json ... - Create src/swagger.ts config module for swagger-jsdoc - Add GET /openapi.json dynamic route (generated from @openapi annotations) - Delete static public/openapi.json (was drifting from code) - Add @openapi annotation for deprecated /v1/signup/free in index.ts - Import swaggerSpec into index.ts - All 12 endpoints now code-driven: demo/html, demo/markdown, convert/html, convert/markdown, convert/url, templates, templates/{id}/render, recover, recover/verify, billing/checkout, signup/free, health	2026-02-20 07:56:56 +00:00
OpenClaw Deployer	e611609580	fix: compile TypeScript in Docker build — dist/ was never built in CI, connection resilience code was missing from images	2026-02-18 16:19:59 +00:00
DocFast Bot	1702abdeb8	fix: add /change-email route in index.ts + fix SQL query escaping in keys.ts ... - Register GET /change-email route in src/index.ts (serves change-email.html) - Fix updateKeyEmail() SQL query string (dollar signs were stripped by heredoc) - Fix updateEmailByCustomer() SQL query string - Rebuild TypeScript dist/	2026-02-17 11:34:21 +00:00
DocFast Agent	a0d4ba964c	fix: audit #18 rate limit cleanup (.unref), audit #25 consistent error shapes ... Audit #18 - Rate limit store memory growth: - rateLimitStore already had cleanup via cleanupExpiredEntries() per-request + 60s interval - Added .unref() to the setInterval timer for clean graceful shutdown behaviour Audit #25 - Consistent error response shapes: - billing.ts: Fixed 409 plain-text response -> JSON { error: "..." } - index.ts: Simplified 404 from 4-field object to { error: "Not Found: METHOD path" } - signup.ts: Removed extra retryAfter field from rate-limit message object - pdfRateLimit.ts: Merged limit/tier/retryAfter into single error message string - usage.ts: Merged limit/used/upgrade fields into single error message string - convert.ts: Merged detail field into error message (3 occurrences) All error responses now consistently use {"error": "message"} shape.	2026-02-17 08:10:14 +00:00
OpenClaw	09c6feb06e	Fix audit #14 (body size limits), #17 (duplicate session_id), #22 (unused import)	2026-02-16 19:51:24 +00:00
OpenClaw	59cc8f3d0e	Session 45: support email, audit fixes (template validation, content-type, admin auth, waitUntil) ... - Added support@docfast.dev to footer, impressum, terms, landing page, openapi.json - Fixed audit #6: Template render validates required fields (400 on missing) - Fixed audit #7: Content-Type check on markdown/URL routes (415) - Fixed audit #11: /v1/usage and /v1/concurrency now require ADMIN_API_KEY - Fixed audit Critical #3: URL convert uses domcontentloaded instead of networkidle0	2026-02-16 19:30:21 +00:00
OpenClaw	aab6bf3bee	feat: Pro limit 2,500/mo, website templating, cleanup ... - Set Pro tier limit to 2,500 PDFs/month (was unlimited/5000) - Added Pro limit enforcement in usage middleware - Updated landing page, JSON-LD, and Stripe product description - Created build-time HTML templating (partials for nav/footer/styles) - Source files in public/src/, partials in public/partials/ - Build script: node scripts/build-html.cjs - Deleted stale backup file - Fixed index.html nav logo to use <a> tag for consistency	2026-02-16 18:46:59 +00:00
OpenClaw	b98e8bc253	fix: BUG-046 usage endpoint data leak, BUG-047 copy button, BUG-048 email change links ... BUG-046 (CRITICAL): getUsageStats() now accepts apiKey param and returns only that key usage instead of all users. Route passes req.apiKeyInfo.key. BUG-047: Added visible Copy button to Pro key success page in billing.ts. BUG-048: Added class="open-email-change" to Change Email links in all HTML pages so the JS modal opener can find them.	2026-02-16 18:06:52 +00:00
openclawd	1ef8f5743c	feat: Add built dist files with EU compliance routes ... - Include compiled TypeScript with new /impressum, /privacy, /terms routes - Temporary commit of dist files for Docker deployment	2026-02-16 13:09:25 +00:00