Releases: BackendStack21/bungate
Releases · BackendStack21/bungate
v1.0.1 — Pentest-hardened security release
What's New
4 pentest vulnerabilities found and fixed in isolated Docker audit. Every fix verified against 803-test suite with zero regressions.
Pentest Fixes
| Vulnerability | Severity | Fix |
|---|---|---|
| Double-encoding path traversal (%252f, ....//) | 🔴 Critical | Recursive decode engine + two-pass validation |
| Health check cascade DoS | 🔴 Critical | Failure threshold (3), success threshold (2), min-healthy floor |
| Rate limiter X-Forwarded-For bypass | 🟡 Medium | Secure getClientIP() via trusted proxy validator |
| Error handler stack trace leakage | 🟡 Medium | Global error handler registered — sanitized 500s |
Code Coverage
| Metric | Value |
|---|---|
| Line Coverage | 98.97% |
| Function Coverage | 94.55% |
| Tests | 803 (44 files) |
| Failures | 0 |
Landing Page
New Security Coverage section at bungate.21no.de with real pentest data, coverage dashboard, and fix details.
Commits
b4cdbf0— Global error handler (stack trace leak)2439c87— All 4 pentest vulnerability fixesd8f3fbf— Coverage: 92.97% → 98.97% (803 tests)6f01a35— Landing page: security coverage section
v0.3.0
What's Changed
- feat: Enhance TypeScript interfaces and documentation by @jkyberneees in #2
- feat: Enhance ClusterManager with dynamic scaling, restart policies, … by @jkyberneees in #3
- feat: Enhance load balancing strategies by @jkyberneees in #4
Full Changelog: v0.2.0...v0.3.0
Contributors
jkyberneees
Assets 2
v0.2.0
Add comprehensive benchmarking and cluster management for BunGate
- Implemented Nginx configuration for load balancing with health checks.
- Created a benchmark script using wrk for API Gateway performance comparison.
- Developed a report generator for wrk benchmark results.
- Added a cluster example demonstrating BunGateway with load balancing.
- Introduced ClusterManager for managing worker processes with restart capabilities.
- Enhanced BunGateway to support cluster mode with configuration options.
- Added integration and end-to-end tests for cluster mode functionality.
- Updated documentation and logging for better clarity and usability.
v0.1.0
What's Changed
Releasing bungate to the world!
Full Changelog: https://github.com/BackendStack21/bungate/commits/v0.1.0