Brutal Noise
Назад към всички версии
v1.53.1

Guest checkout enabled without authentication walls

Security hardening and performance tuning across checkout, uploads, and data fetching. Guest checkout now works without friction.

Security

  • Gift card balance endpoint now requires authentication and rate limiting
  • Avatar uploads validated against file magic bytes to block spoofed formats
  • Admin preview uploads hardened with stricter validation
  • Game score submissions rate-limited to prevent abuse
  • Forum admin mutations now properly check response status

Checkout & Commerce

  • Guest checkout no longer blocked by middleware redirect
  • Wishlist remove operations guarded with error handling

Performance

  • Database indexes added for reviews, wishlist, games, and designs
  • Admin dashboard queries batched into single Promise.all
  • Forum post and comments fetches parallelized
  • Product page design and session queries now run in parallel
  • Leaderboard queries parallelized with Promise.all

Reliability

  • Error boundaries added to blog, forum, shop, and profile routes
  • Cache-Control headers applied to public forum and testimonials
  • Forum comment cascade delete fixed to prevent orphaned data
  • Translation timeout reduced to 8s for Vercel compatibility
Покажи суровите комити
## [1.53.1](https://github.com/Fowthy/brutalnoise/compare/v1.53.0...v1.53.1) (2026-04-14)


### Bug Fixes

* add auth and rate limiting to gift card balance endpoint ([15a0f0d](https://github.com/Fowthy/brutalnoise/commit/15a0f0dac7d6183f82ab541a079a07ec47502abc))
* add Cache-Control headers to public forum and testimonials routes ([33c3f74](https://github.com/Fowthy/brutalnoise/commit/33c3f746f87efa7b13ef271ed33655ba4e1dfd04))
* add cascade delete to forum comment parentId foreign key ([6fc2fc3](https://github.com/Fowthy/brutalnoise/commit/6fc2fc3fa61e43c62a8abc51b1fcc62d25aa405b))
* add error boundaries to blog, forum, shop, and profile route segments ([e9dc7c7](https://github.com/Fowthy/brutalnoise/commit/e9dc7c799d569636620fcb343a6b2134150867b9))
* add magic byte validation to avatar upload ([61c2c3c](https://github.com/Fowthy/brutalnoise/commit/61c2c3c5981612ac15820b19983809144d7070d6))
* add missing performance indexes for reviews, wishlist, games, designs ([572598f](https://github.com/Fowthy/brutalnoise/commit/572598fd949d2b4a993026e3290b59ed023bf3f9))
* add rate limiting to game score submission ([86ae103](https://github.com/Fowthy/brutalnoise/commit/86ae10374cccc6329453961528e67b3be36017d9))
* allow guest checkout by removing middleware redirect ([2503e95](https://github.com/Fowthy/brutalnoise/commit/2503e95de0d9d019bc892a928556fe37f97bd15b))
* check res.ok in forum admin mutation handlers ([2d0e035](https://github.com/Fowthy/brutalnoise/commit/2d0e0355941eaf61dbddde55a869178dba0dd122))
* correct lint hook path in settings.json ([28206e7](https://github.com/Fowthy/brutalnoise/commit/28206e7900d6c7e02e15955d999aeefac4791b67))
* guard wishlist remove and JSON.parse with error handling ([a463efc](https://github.com/Fowthy/brutalnoise/commit/a463efc731984eb8cabdbcaa535e6875fd942cbd))
* harden admin preview upload validation ([4e514ca](https://github.com/Fowthy/brutalnoise/commit/4e514cabaeecb73e182e43ee76d7d2773d8c09ad))
* merge admin dashboard query batches into single Promise.all ([41d1e2a](https://github.com/Fowthy/brutalnoise/commit/41d1e2a39e6efd3abb9ca402eb573d940a0abaf5))
* parallelize forum post and comments fetch with postId prop ([ccd769d](https://github.com/Fowthy/brutalnoise/commit/ccd769de8b2c4f417ccd965144a95c525c455c67))
* parallelize getDesignById and getSession on product page ([ed0af24](https://github.com/Fowthy/brutalnoise/commit/ed0af24881e73d5240f7629b5b3571b807c0f3cc))
* parallelize leaderboard queries with Promise.all ([4147ef1](https://github.com/Fowthy/brutalnoise/commit/4147ef1d1f7e7113392512de636ef4864692fd66))
* reduce translate timeout to 8s for Vercel limit ([6cb7ebd](https://github.com/Fowthy/brutalnoise/commit/6cb7ebd09d49ab50d9ce03c6d020f4dac5951dee))