ico
/
pingql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
346 Commits 1 Branch 0 Tags 3.2 MiB
Commit Graph

345 Commits

Author SHA1 Message Date
M1 34fd66f784 feat: pricing page — 10 monitors/30s free, unlimited/5s pro coming soon; enforce 30s min interval 2026-03-17 07:55:07 +04:00
M1 cf8903f95d fix: fixed width on text column prevents layout shift when timestamp changes 2026-03-17 07:48:00 +04:00
M1 017d489e2e fix: mutate polyline points in place on SSE ping, no fetch, no flicker 2026-03-17 07:44:09 +04:00
M1 2c32bc1115 Revert "fix: client-side sparkline with local buffer, no server fetch on update" 
This reverts commit 72bc11813d.
 2026-03-17 07:42:36 +04:00
M1 72bc11813d fix: client-side sparkline with local buffer, no server fetch on update 2026-03-17 07:38:26 +04:00
M1 6929d8f51f fix: atomic SVG replaceWith() on sparkline update, no empty-frame bounce 2026-03-17 07:35:54 +04:00
M1 0874583a4f Revert "fix: static HTML label spans outside swap zone, chart only returns SVG + label update script" 
This reverts commit e8bfaa42d7.
 2026-03-17 07:34:02 +04:00
M1 e8bfaa42d7 fix: static HTML label spans outside swap zone, chart only returns SVG + label update script 2026-03-17 07:32:39 +04:00
M1 1e90b5f3c2 fix: move min/max labels out of SVG into HTML overlays, no more text stretch 2026-03-17 07:30:28 +04:00
M1 5eb463a03a fix: SVG h-full so it fills container exactly, no overflow or clipping 2026-03-17 07:28:57 +04:00
M1 51baf7c495 fix: chart container w-full overflow-hidden prevents graph escaping bounds 2026-03-17 07:27:05 +04:00
M1 f00c78116b fix: detail page updates all stats, status bar, pings table in realtime via SSE 2026-03-17 07:23:54 +04:00
M1 93c3a1e84a fix: pin sparkline container to 120x32 to prevent layout shift on update 2026-03-17 07:20:56 +04:00
M1 ed5e213b1a fix: migrate() uses CREATE IF NOT EXISTS — no more data wipe on restart 2026-03-17 07:17:54 +04:00
M1 1794c05b4f fix: restore status dot, latency, last-ping time updates on SSE 2026-03-17 07:15:31 +04:00
M1 94d24bac35 fix: fetch sparkline/chart immediately on SSE ping, no debounce delay 2026-03-17 07:12:48 +04:00
M1 b802c7c68b fix: bust Cloudflare cache on app.js with version query string 2026-03-17 07:10:27 +04:00
M1 66b368453d refactor: single account-level SSE stream instead of per-monitor connections 2026-03-17 07:06:09 +04:00
M1 55f9f6d8ed refactor: SSE just refreshes sparkline/chart from server, no DOM stat patching 2026-03-17 07:03:10 +04:00
M1 749c6f391e fix: SSE stream 500 — replace error() with plain Response in stream handler 2026-03-17 06:59:43 +04:00
M1 15227b9c6e fix: key_plain -> key in dashboard query 2026-03-17 06:51:27 +04:00
M1 e461d73ce3 refactor: drop all hashing, store keys plaintext 2026-03-17 06:47:22 +04:00
M1 54c89a5a11 fix: store key_plain on sub-keys, display always in settings with copy button 2026-03-17 06:40:33 +04:00
M1 c684d96d90 fix: rename API Keys -> Sub-Keys, show key inline on creation, no reload 2026-03-17 06:37:29 +04:00
M1 ab4f60e159 fix: rotate button inline with key field, updates in place 2026-03-17 06:34:57 +04:00
M1 0c65b5e3fa fix: just show the login key on settings page 2026-03-17 06:33:13 +04:00
M1 2ec1915ef5 fix: remove pointless internal UUID from settings, show login key label instead 2026-03-17 06:31:41 +04:00
M1 9d8982ae50 fix: key rotation shows new key in dedicated reveal, not sub-key div; clarify account ID label 2026-03-17 06:29:58 +04:00
M1 b80f4673b2 fix: use standard UUID v4 for keys instead of custom 256-bit hex format 2026-03-17 06:26:52 +04:00
M1 bbd5df8c46 fix: 8 groups of 8 chars, not 16 groups of 4 2026-03-17 06:26:14 +04:00
M1 43a1abc2ed fix: format keys as XXXX-XXXX-...-XXXX (8 groups), normalize before hashing 
Keys are now human-readable grouped hex instead of raw 64-char blobs.
resolveKey() strips dashes before sha256/bcrypt so both formats work.
All key creation paths (register, reset-key, sub-keys) hash the
normalized form. Login placeholder and maxlength updated to match.
 2026-03-17 06:25:19 +04:00
M1 b8ac4e7b1f fix: redirect loop on stale cookie, login broken for 64-char keys, stale docs 
- /dashboard now validates key before redirecting to /home — bad/old keys
  clear the cookie and show login instead of looping
- Login form: remove old 4-group auto-formatter, fix maxlength 19→64,
  fix min length validation 19→10, update placeholder
- New key display: break-all so 64-char hex wraps properly
- docs.html: update example key format and description
 2026-03-17 06:22:16 +04:00
M1 6bdd76b4f0 security: auth redesign, SSRF protection, CORS lockdown, and 13 other fixes 
- Auth (#2/#3): UUID PK, 256-bit keys, SHA-256 lookup + bcrypt hash
- SSRF (#1): validate URLs, block private IPs, cloud metadata endpoints
- CORS (#4): lock to pingql.com origins, not wildcard
- SSE limit (#6): 10 connections per monitor max
- ReDoS (#7): cap $regex patterns at 200 chars
- Monitor limit (#8): 100 per account default
- Cookie env config (#9): secure/domain from env vars
- Bearer parsing (#10): case-insensitive RFC 6750
- Pings retention (#11): 90-day pruner, hourly interval
- monitors.enabled index (#12): partial index for /internal/due
- Runner locking (#14): locked_until for horizontal scale safety
- COALESCE nullable bug (#17): dynamic PATCH with explicit undefined checks
- MONITOR_TOKEN null guard (#18): startup validation + middleware hardening
- reset-key cookie fix (#16): sets new cookie in response
 2026-03-17 06:10:10 +04:00
M1 5071e340c7 fix: SSE-driven chart/sparkline refresh, debounced server-side partials 2026-03-16 21:21:56 +04:00
M1 2f7273604b refactor: full SSR dashboard, minimal SSE DOM patches, poll-based refresh 2026-03-16 21:14:45 +04:00
M1 878829111f fix: use raw ETA tag for timestamp HTML in SSR monitor list 2026-03-16 17:37:48 +04:00
M1 31f95288e6 fix: missing closing ETA block tag in home.ejs SSR section 2026-03-16 17:32:22 +04:00
M1 0597c7f6e7 fix: set cookie domain to .pingql.com so it works on both subdomains 2026-03-16 17:26:56 +04:00
M1 ef56b47b09 feat: cookie-based auth, SSR dashboard, JS-optional login 2026-03-16 17:25:59 +04:00
M1 8e4cb84599 ux: widen dashboard layout to max-w-7xl, consistent px-8 padding 2026-03-16 17:15:45 +04:00
M1 d41d3a3737 fix: latency chart red dots — track up/down with latency values 2026-03-16 17:13:48 +04:00
M1 923f0349dc feat: fully SSE-driven detail/home pages, kill polling intervals 2026-03-16 17:10:12 +04:00
M1 037013b564 fix: SSE ping rows match existing table row style 2026-03-16 17:07:31 +04:00
M1 a681833d8d feat: detail edit form matches new monitor form (method, headers, body, timeout) 2026-03-16 17:04:30 +04:00
M1 ef2b2c043d feat: live sparkline updates on SSE ping 2026-03-16 16:20:34 +04:00
M1 31d1fa7b04 fix: SSE via fetch for auth headers, remove query param auth, add heartbeat every 10s 2026-03-16 16:17:33 +04:00
M1 6d48a83560 feat: SSE live ping stream for monitors 2026-03-16 16:14:23 +04:00
M1 1e95149456 feat: live-updating timestamps via data-ts attribute 2026-03-16 16:10:04 +04:00
M1 2bfe3a0272 fix: remove double popup on key rotation 2026-03-16 16:07:12 +04:00
M1 c73951ea91 fix: ON UPDATE CASCADE on account FK so key rotation propagates 2026-03-16 15:58:52 +04:00
M1 0b69fbfc72 fix: requireAuth uses onBeforeHandle instead of error() in derive 2026-03-16 15:56:33 +04:00
M1 0918478255 fix: poll every 1s instead of 10s for accurate intervals 2026-03-16 15:47:06 +04:00
M1 6c539d9066 fix: skip in-flight monitors to prevent stacked slow requests 2026-03-16 15:41:34 +04:00
M1 9b970a90e0 fix: fire-and-forget checks so slow monitors don't delay fast ones 2026-03-16 15:37:00 +04:00
M1 3368dbdd7f feat: custom method, headers, body, timeout on monitors 2026-03-16 15:30:35 +04:00
M1 d98aa5e46f fix: query-builder.js missing from monitor detail page 2026-03-16 15:25:16 +04:00
M1 5944fae824 fix: query-builder.js missing from new monitor EJS page 2026-03-16 15:21:21 +04:00
M1 4c5e426292 fix: remove defer from app.js so functions available to inline scripts 2026-03-16 15:19:33 +04:00
M1 87c924d8d0 fix: app.js deferred in head (fixes requireAuth undefined), extract app.css 2026-03-16 15:16:59 +04:00
M1 e36c239000 refactor: ETA templating engine for dashboard, shared nav/head/foot partials 2026-03-16 15:14:26 +04:00
M1 389c88e124 ux: move new monitor button to content area next to heading 2026-03-16 15:09:15 +04:00
M1 ce155cd338 feat: settings page — email, key rotation, sub-keys 2026-03-16 15:05:39 +04:00
M1 eb3ef7745f fix: emails used for recovery only, not notifications (notifications coming later) 2026-03-16 14:59:17 +04:00
M1 4e7fdfa07c fix: tighten hero bottom padding 2026-03-16 14:54:56 +04:00
M1 2627ad756f fix: align hero comment with actual query 2026-03-16 14:50:45 +04:00
M1 e12e5e682c copy: hero example uses $.db.status to show JSON inspection, shorter comment 2026-03-16 14:49:59 +04:00
M1 bf02243708 fix: replace $json latency with $responseTime in hero example 2026-03-16 14:48:23 +04:00
M1 6f7127aded copy: use real field names in hero code comment 2026-03-16 14:46:47 +04:00
M1 5613fb9cf4 fix: reduce gap between header and hero 2026-03-16 14:44:53 +04:00
M1 6f5f51e390 copy: update API section tagline 2026-03-16 14:41:56 +04:00
M1 729529b7fa fix: checked_at field name in dashboard UI + landing copy 2026-03-16 14:37:44 +04:00
M1 f4283a0915 feat: sticky header with nav links on landing page 2026-03-16 14:21:24 +04:00
M1 d11488ecbf feat: landing page at / 2026-03-16 14:16:25 +04:00
M1 7b38ff192e feat: custom docs page at /docs, drop swagger 2026-03-16 14:07:30 +04:00
M1 eb45152c29 feat: query language docs in swagger description 2026-03-16 14:02:55 +04:00
M1 33d1209ac9 feat: query language docs page at /dashboard/docs 2026-03-16 14:00:29 +04:00
M1 27c9044a8b feat: add $consider (UP/DOWN) toggle to query builder and evaluators 2026-03-16 13:56:36 +04:00
M1 5328471229 Revert "feat: grouped query builder with $upIf/$downIf condition groups" 
This reverts commit 99b59070a2.
 2026-03-16 13:53:27 +04:00
M1 99b59070a2 feat: grouped query builder with $upIf/$downIf condition groups 2026-03-16 13:52:06 +04:00
M1 b20f463d53 fix: correct pings import path in index.ts 2026-03-16 13:46:49 +04:00
M1 eb2d173cb0 rename: checks → pings throughout (DB, API, UI, Rust) 2026-03-16 13:45:09 +04:00
M1 b4f95fa375 refactor: merge checks into monitors (/monitors/:id/history), ingest moves to /internal/ingest 2026-03-16 13:43:55 +04:00
M1 a22112dc77 refactor: merge auth into account prefix (/account/register, /account/email) 2026-03-16 13:37:20 +04:00
M1 fd4af848bc fix: hide dashboard + internal routes from swagger docs 2026-03-16 13:33:44 +04:00
M1 fe7a0bf19b refactor: nested $json/$select syntax, migrate stored queries 2026-03-16 13:14:22 +04:00
M1 ab2cbaa5cc fix: coerce numeric values for jsonpath operators in query builder 2026-03-16 13:08:05 +04:00
M1 612d32e9dc remove key warning 2026-03-16 12:59:55 +04:00
M1 6749b21da1 fix: key warning copy 2026-03-16 12:58:48 +04:00
M1 a4424991f0 fix: accurate key warning copy 2026-03-16 12:57:34 +04:00
M1 692d7eb4f5 feat: post-registration key screen + optional email step 2026-03-16 12:55:52 +04:00
M1 20cc8d534b fix: rustls crypto provider + Arc import for cert expiry 2026-03-16 12:39:29 +04:00
M1 500132ba05 feat: dashboard, visual query builder, expanded query language, cert expiry support 2026-03-16 12:26:17 +04:00
M1 97c08b1951 fix: nullable error field in ingest body schema 2026-03-16 12:11:43 +04:00
M1 802055d24d fix: ingest endpoint routing conflict with requireAuth 2026-03-16 12:06:03 +04:00
M1 570222c7a9 Initial scaffold: web API (Bun/Elysia) + monitor (Rust/Tokio) 2026-03-16 11:40:24 +04:00