v0.4.0

v0.3.16...v0.4.0

Highlights

This is a major modernization release — the entire stack has been upgraded, the UI refreshed, and security hardened.

UI & Frontend

• Upgraded from Bootstrap 3 to Bootstrap 5 with Bootstrap Icons.
• Bundled DataTables and jQuery locally (no more CDN dependencies).
• New "View crontab" button to preview raw crontab from the UI.
• Replaced moment.js with the much lighter day.js.

Security

• Added Helmet for HTTP security headers.
• Added express-rate-limit (300 requests per 15-minute window).
• Added input validation middleware to sanitize db and id query parameters (path traversal protection).
• Structured error handling middleware with safe error responses.

Codebase Modernization

• Migrated to const/let and 'use strict' throughout.
• Replaced deprecated body-parser with built-in express.json() / express.urlencoded().
• Extracted auth, validation, and error handling into dedicated middleware modules.
• Switched database driver from nedb to @seald-io/nedb (actively maintained fork).
• Requires Node.js >= 20.

Testing & CI

• Switched from Mocha to Vitest.
• Switched from CircleCI to GitHub Actions.
• Added ESLint 9 (flat config) and Prettier.
• Added CodeQL static analysis workflow.

Docker

• Multi-stage build on node:22-alpine (smaller, faster images).
• Uses npm ci --omit=dev for deterministic installs.
• Added tini as PID 1 init process.
• Added HEALTHCHECK directive.
• Fixed log directory creation error in Docker (#215).

Other

• Added .editorconfig, .nvmrc, .prettierrc for consistent developer experience.
• Added stale bot configuration for issue/PR management.

Contributors

• @alseambusher
• @rodriciru (#215)