Follow-ups: IPv6 rate-limit, drop user_api_keys, refresh testing doc
- Rate limiter keyGenerator now calls ipKeyGenerator from express-rate-limit when falling back to IP, which canonicalises IPv6 addresses to a /64 prefix. Closes the ERR_ERL_KEY_GEN_IPV6 warnings printed on every backend boot since the multer 2 / v8 rate-limit upgrade and prevents IPv6 clients bypassing the IP bucket by rotating low-order bits. - Migration 0020 drops the user_api_keys table. Migration 0019 moved provider configuration to org_settings and the backend no longer reads or writes it; the column held AES-256-GCM ciphertext that never escaped the encrypted-at-rest layer, so a hard drop is acceptable. - docs/safe-local-testing.md rewritten to reflect the post-Supabase reality (Postgres + Auth.js, AES-encrypted local storage, Admin LLM panel, pip-uninstall.sh). The previous content was the upstream Mike doc and was misleading.
| Repository | cpatpa/PIP |
|---|---|
| Author | Claude <noreply@anthropic.com> |
| Authored | |
| Parents | 76030d6f |
| Stats | 3 files changed , +103 , -60 |
| Part of | LLM policy - admin-driven providers, curated local models, rate-limit tuning |
Capture this commit into my fork
Download a Markdown prompt that tells Claude how to port this
exact commit into your working tree. Run it via
claude -p < capture-commit-61689c39.md
from inside the repo you want the change in.