fix: support core shoutrrr provider schemes (#317)

* fix: support core shoutrrr provider schemes * fix(ci): resolve backend lint failures and harden shoutrrr URL handling * fix(codeql): mark validated gotify target as intentional external call * fix(codeql): route gotify scheme through validated webhook sink
2026-02-25 22:22:50 +01:00
parent a47bde0956
commit 06bf608913
2 changed files with 245 additions and 39 deletions
@@ -57,6 +57,13 @@ function sanitizeCorrelationId(headers: IncomingHttpHeaders): string | null {
 	return trimmed;
 }

+function buildLoggerOptions(level: string) {
+	return {
+		level,
+		timestamp: () => `,"time":"${new Date().toISOString()}"`,
+	};
+}
+
 /** Create and configure Fastify app (without starting) */
 export async function createApp(options?: {
 	logLevel?: string;
@@ -84,7 +91,7 @@ export async function createApp(options?: {
 	};

 	const app = Fastify({
-		logger: { level: opts.logLevel },
+		logger: buildLoggerOptions(opts.logLevel),
 		genReqId: (request) => sanitizeCorrelationId(request.headers) ?? randomUUID(),
 	});

@@ -157,9 +164,7 @@ log.info("[DB] Migrations complete, starting server...");
 const imagesDir = ensureImagesDirectory();

 const app = Fastify({
-	logger: {
-		level: env.LOG_LEVEL,
-	},
+	logger: buildLoggerOptions(env.LOG_LEVEL),
 	genReqId: (request) => sanitizeCorrelationId(request.headers) ?? randomUUID(),
 });