fix: critical security improvements
- Apply optimistic locking to deposit-matcher.ts (race condition fix) - Add timing-safe comparison for API key validation - Move admin IDs from wrangler.toml vars to secrets - Add .env.example for secure credential management Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
kappa
7
.env.example
Normal file
7
.env.example
Normal file
@@ -0,0 +1,7 @@
|
||||
# Telegram Bot Workers - Environment Variables Example
|
||||
# Copy this file to .env and fill in your values
|
||||
# NEVER commit .env with real values!
|
||||
|
||||
# Webhook secret for CLI testing (npm run chat)
|
||||
# Generate with: openssl rand -hex 16
|
||||
WEBHOOK_SECRET=your_webhook_secret_here
|
||||
Reference in New Issue
Block a user