- Limit the maximum upload file size to 500 KB.
- Minify CSS in the `userChrome` and `userContent` fields.
- Sanitize uploaded JSON to remove XSS references (create and update).
- Permitir publicar un rice con un token existente si no excede el límite.
- Configurar límite de 5 rices por token a través de variable de entorno (env.MAX_RICES_BY_TOKEN).
- Validar duplicidad de nombres al crear un nuevo rice.
- Add robust error handling for `generateSlug`, throwing `BadRequestException` on invalid input.
- Improve error messages to provide clearer feedback in case of failures.
- Added token validation for `update` and `remove` operations to ensure it matches the record in the database.
- Ensured `name` and `author` from headers in `update` are validated against the existing record.
- Improved error handling for mismatched or missing tokens, returning appropriate HTTP status codes.
- The rice database now includes new fields:
- `version`: Represents the version of the rice entry.
- `os`: Represents the operating system associated with the rice entry.
- These fields are required for all new rice entries.
refactor: Stop uploading rice.json to GitHub
- The `rice.json` file is no longer uploaded to GitHub during rice creation or updates.
- This reduces redundancy as all metadata is now managed directly in the database (Supabase).
fix: Improve exception handling with proper HTTP status codes
- Enhanced exception handling to align with standard HTTP status codes:
- `BadRequestException` for validation errors.
- `ConflictException` for duplicate entries.
- `NotFoundException` for missing resources.
- Generic `InternalServerErrorException` for unexpected errors.
- This ensures the API returns meaningful and accurate responses.
feat: Enhance rice download to act as a standard HTTP GET
- The `findOne` method now returns the raw content of the rice file directly as the response body.
- Removes unnecessary JSON wrappers, allowing the endpoint to behave like a typical HTTP GET request.
- Improved usability for clients consuming the API.