1. Fixed credential-exfiltration risk in /api/proxy/image: Previously the endpoint could:

• accept arbitrary auth_id
• load stored API keys
• forward them to attacker-controlled URLs

2. Enforced outbound host allowlist globally Previously:

• allowlist existed
• but outgoingFetch() didn’t enforce it
• plugins/engines could bypass it

3. Fixed extension store path traversal Previously a malicious store manifest could:

• inject … paths
• escape install directories
• reference arbitrary files

4. Hardened proxy IP trust Previously:

• rate limiting trusted any X-Forwarded-For header
• clients could spoof their IP

5. Fixed inconsistent settings authentication Previously:

• settings UI stored an auth token
• but the settings modal didn’t send it when saving

6. Implemented Improved proxy deployment support

• Added proxy-aware behavior:
• DEGOOG_PUBLIC_BASE_URL for canonical URLs
• secure cookie handling when X-Forwarded-Proto=https

Additional Improvements:

• suggestion fetching hardened
• DuckDuckGo suggestion parsing fixed
• unified outbound request handling
• install state guard properly cleaned up

Made some other changes for my specific deployment. Very happy with your work so far. Thanks so much

ZFS will use memory to cache. Right now my unraid server is using 16gigs, most of that is being used by ZFS to cache files. 4gigs is all ~20 containers are using.

It’s not, the second I cloned it and gave codex access it found a whole whack of privacy issues. This was 100% human coded

I have kleinfelter syndrome, which means my body does not produce Testosterone, or very little anyway. I only found out at 38. I’ve had a pretty advanced internal monologue all my life, what the lack of T did give me was insulin resistance, major depression, and generalized anxiety. The latter 2 disappeared almost instantly after my first Testosterone injection. Depression was like a constant weight pushing down on me, the next morning I woke up without the weight, and without the worry about everything. And it was very weird.

Exactly what it’s designed for, it’s an LLM. Thinking this is science fiction and expecting that level of AI from an LLM is the height of stupidity

This being Lemmy and AI shit posting a hobby of everyone on here. I’ve had excellent results with AI. I have weird complicated health issues and in my search for ways not to die early from these issues AI is a helpful tool.

Should you trust AI? of course not but having used Gemini, then Claude and now ChatGPT I think how you interact with the AI makes the difference. I know what my issues are, and when I’ve found a study that supports an idea I want to discuss with my doctor I will usually first discuss it with AI. The Canadian healthcare landscape is such that my doctor is limited to a 15min appt, part of a very large hospital associated practice with a large patient load. He uses AI to summarize our conversation, and to look up things I bring up in the appointment. I use AI to preplan my appointment, help me bring supporting documentation or bullet points my doctor can then use to diagnose.

AI is not a doctor, but it helps both me and my doctor in this situation we find ourselves in. If I didn’t have access to my doctor, and had to deal with the American healthcare system I could see myself turning to AI for more than support. AI has never steered me wrong, both Gemini and Claude have heavy guardrails in place to make it clear that AI is not a doctor, and AI should not be a trusted source for medical advice. I’m not sure about ChatGPT as I generally ask that any guardrails be suppressed before discussing medical topics. When I began using ChatGPT I clearly outlined my health issues and so far it remembers that context, and I haven’t received hallucinated diagnoses. YMMV.