Summary
This PR introduces improvements to the application security and caching systems, building on top of the enterprise
syncthing fix.
Changes
🔄 Merge: Enterprise Syncthing Fix (#1596)
Merged PR #1596 that resolved issues with encrypted enterprise apps (version 8)
Added decryption support across multiple app lifecycle and monitoring services
Enhanced app query service with enterprise app decryption cache (7-day TTL)
Files modified: 10 files, +131 additions
⚡ Cache System Implementation for Blocked Repositories
Commit: 8a0c1a5 - "use cache system for the getBlockedRepositores"
Replaced legacy myLongCache (simple Map) with FluxOS's TTL cache system
Added blockedRepositoriesCache to cacheManager with 6-hour TTL
Reduces GitHub API calls from every hour to every 6 hours
Updated test suite to clear new cache in beforeEach() hooks
Benefits:
Compliance checks run every 1 hour (unchanged)
Blocked repositories list fetched every 6 hours (cached)
Reduced network overhead while maintaining security checks
Consistent with project's caching architecture
Files changed:
ZelBack/src/services/appSecurity/imageManager.js
ZelBack/src/services/utils/cacheManager.js
tests/unit/imageManager.test.js
🔒 Enhanced App Hash and Owner Blocking
Commit: d1cd251 - "App hash and Owner blocking added to the checkApplicationImagesBlocked"
Enhanced checkApplicationImagesBlocked() to check appSpecs.hash directly against raw blocked repositories list
Added direct owner checking against raw blocked repositories list
Implements double-check approach:
a. First: Check raw blocked list (with tags)
b. Second: Check processed list (tags stripped)
Impact:
More robust blocking - catches hashes/owners in any format
Prevents blocked apps from being spawned more reliably
Backward compatible with existing functionality
File changed:
ZelBack/src/services/appSecurity/imageManager.js (+9/-1)
📦 Version Bump
Commit: 75d0b24 - "bump version"
Updated package version to reflect these changes
Testing
✅ All tests passing (45 passing, 3 skipped)
Unit tests for imageManager verify caching behavior
Cache clearing in test hooks ensures clean state
Blocked repository tests validate enhanced hash/owner checking
Migration Notes
No breaking changes - this is a drop-in improvement to existing functionality.
Total Changes: 4 files modified across core services
Test Coverage: All existing tests passing + enhanced cache cleanup