fix: critical security improvements

- Apply optimistic locking to deposit-matcher.ts (race condition fix) - Add timing-safe comparison for API key validation - Move admin IDs from wrangler.toml vars to secrets - Add .env.example for secure credential management Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-21 17:18:21 +09:00
parent 8edab3069f
commit 91f50ddc12
6 changed files with 82 additions and 37 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -8,8 +8,11 @@ dist/

 # Environment & Secrets
 .env
-.env.*
+.env.local
+.env.*.local
 .dev.vars
+# Keep .env.example for documentation
+!.env.example

 # IDE
 .idea/