breznflow

10 commits 1 branch 5 tags 166 KiB

Author	SHA1	Message	Date
Michael	5c4d5f6686	release: v1.0.4 Security - Add looks_like_secret() entropy heuristic: vendor regex (AIza, sk-, ghp_, gho_, Slack xox, Bearer) + length/char-class fallback + path/whitespace denylist. Defensible hybrid: zero false-positives on known token formats, catches custom tokens without tripping on URLs or slugs. - Gate generic 'key'-named fields and ?key= URL params with the entropy heuristic. Closes the n8n queryParameters Google-API-key bypass without false-positives on benign values. - Entropy fallback in mask_name_value_pair for custom-header value patterns (X-App-Token etc.) whose names we cannot enumerate. - Redact credentials[].name per node (id retained), clear meta.instanceId so exports no longer correlate to the source n8n instance. - Opt-in tag clearing at publish time: wizard step 3 checkbox with the current tag list inline, only shown when tags exist. - Wizard step 3 now renders a collapsible Reason / Key / Note table so publishers can verify exactly what was masked before publishing. Mobile - touch-action: none on .breznflow-svg to stop the browser-vs-plugin gesture tug-of-war. - Rewrote pointer handling as a Map-based multi-pointer state machine with { passive: false } listeners: single-finger pan is now smooth on iOS and Android, pinch-to-zoom anchored at the finger midpoint, double-tap toggles 100/200 % zoom. - Minimap ported to pointer events + setPointerCapture — tap and drag navigation work on touch. Docs - Expand Sensitive Data Masking section of both READMEs to describe the 1.0.4 passes and the opt-in tag removal. - Version badge 1.0.3 -> 1.0.4. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-24 18:58:51 +00:00
Michael	5ef9e65617	Restructure repo: move plugin into breznflow/ subfolder, add README/LICENSE - Move all plugin files into breznflow/ subdirectory (matches BreznGEO structure) - Add README.md (English) and README.de.md (German) with full documentation - Add GPL-2.0 LICENSE file - Rewrite readme.txt: expanded description, FAQs, external services, changelog Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-30 15:26:24 +00:00

Author

SHA1

Message

Date

Michael

5c4d5f6686

release: v1.0.4

Security

- Add looks_like_secret() entropy heuristic: vendor regex (AIza, sk-,
  ghp_, gho_, Slack xox, Bearer) + length/char-class fallback +
  path/whitespace denylist. Defensible hybrid: zero false-positives
  on known token formats, catches custom tokens without tripping on
  URLs or slugs.
- Gate generic 'key'-named fields and ?key= URL params with the
  entropy heuristic. Closes the n8n queryParameters Google-API-key
  bypass without false-positives on benign values.
- Entropy fallback in mask_name_value_pair for custom-header value
  patterns (X-App-Token etc.) whose names we cannot enumerate.
- Redact credentials[].name per node (id retained), clear
  meta.instanceId so exports no longer correlate to the source n8n
  instance.
- Opt-in tag clearing at publish time: wizard step 3 checkbox with
  the current tag list inline, only shown when tags exist.
- Wizard step 3 now renders a collapsible Reason / Key / Note table
  so publishers can verify exactly what was masked before publishing.

Mobile

- touch-action: none on .breznflow-svg to stop the
  browser-vs-plugin gesture tug-of-war.
- Rewrote pointer handling as a Map-based multi-pointer state
  machine with { passive: false } listeners: single-finger pan is
  now smooth on iOS and Android, pinch-to-zoom anchored at the
  finger midpoint, double-tap toggles 100/200 % zoom.
- Minimap ported to pointer events + setPointerCapture — tap and
  drag navigation work on touch.

Docs

- Expand Sensitive Data Masking section of both READMEs to describe
  the 1.0.4 passes and the opt-in tag removal.
- Version badge 1.0.3 -> 1.0.4.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-24 18:58:51 +00:00

Michael

5ef9e65617

Restructure repo: move plugin into breznflow/ subfolder, add README/LICENSE

- Move all plugin files into breznflow/ subdirectory (matches BreznGEO structure)
- Add README.md (English) and README.de.md (German) with full documentation
- Add GPL-2.0 LICENSE file
- Rewrite readme.txt: expanded description, FAQs, external services, changelog

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-30 15:26:24 +00:00

Renamed from includes/Security/MaskingRules.php (Browse further)

2 commits