ddaf3c6cee54eb229e6cccf2d597cd44fcb30067
- Add JWT token auth to OPC WebSocket (unauthenticated → 403, per-user tracking) - Externalize Transmission RPC credentials to TRANSMISSION_USER/PASS env vars - Remove hardcoded SECRET_KEY fallback from dev compose - Rate-limit passkey register options endpoint at 5/minute - Add PDD (docs/improvement-plan.md) and sprint specs (specs/) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Description
Languages
Python
58.2%
Svelte
32.2%
JavaScript
5.6%
Shell
3.3%
Dockerfile
0.3%
Other
0.3%