- Remove hardcoded TTS API key from app.py (major security vulnerability)
- Add python-dotenv support for secure environment variable management
- Create .env.example with configuration template
- Add comprehensive SECURITY.md documentation
- Update README with security configuration instructions
- Add warning when TTS_API_KEY is not configured
- Enhance .gitignore to prevent accidental commits of .env files
BREAKING CHANGE: TTS_API_KEY must now be set via environment variable or .env file
Security measures:
- API keys must be provided via environment variables
- Added dotenv support for local development
- Clear documentation on secure deployment practices
- Multiple .env file patterns in .gitignore
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add flask-cors dependency and configure CORS with security best practices
- Support configurable CORS origins via environment variables
- Separate admin endpoint CORS configuration for enhanced security
- Create comprehensive CORS configuration documentation
- Add apiClient utility for CORS-aware frontend requests
- Include CORS test page for validation
- Update README with CORS configuration instructions
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added TypeScript support with type definitions and build process
- Implemented loading animations and visual feedback
- Added push notifications with user preferences
- Implemented audio compression (50-70% bandwidth reduction)
- Added GPU optimization for Whisper (2-3x faster transcription)
- Support for NVIDIA, AMD (ROCm), and Apple Silicon GPUs
- Removed duplicate JavaScript code (15KB reduction)
- Enhanced .gitignore for Node.js and VAPID keys
- Created documentation for TypeScript and GPU support
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
