1. Fixed credential-exfiltration risk in /api/proxy/image: Previously the endpoint could:

• accept arbitrary auth_id
• load stored API keys
• forward them to attacker-controlled URLs

2. Enforced outbound host allowlist globally Previously:

• allowlist existed
• but outgoingFetch() didn’t enforce it
• plugins/engines could bypass it

3. Fixed extension store path traversal Previously a malicious store manifest could:

• inject … paths
• escape install directories
• reference arbitrary files

4. Hardened proxy IP trust Previously:

• rate limiting trusted any X-Forwarded-For header
• clients could spoof their IP

5. Fixed inconsistent settings authentication Previously:

• settings UI stored an auth token
• but the settings modal didn’t send it when saving

6. Implemented Improved proxy deployment support

• Added proxy-aware behavior:
• DEGOOG_PUBLIC_BASE_URL for canonical URLs
• secure cookie handling when X-Forwarded-Proto=https

Additional Improvements:

• suggestion fetching hardened
• DuckDuckGo suggestion parsing fixed
• unified outbound request handling
• install state guard properly cleaned up

Made some other changes for my specific deployment. Very happy with your work so far. Thanks so much

ZFS will use memory to cache. Right now my unraid server is using 16gigs, most of that is being used by ZFS to cache files. 4gigs is all ~20 containers are using.

It’s not, the second I cloned it and gave codex access it found a whole whack of privacy issues. This was 100% human coded