github.com/temporalio/ui-server/v2
https://github.com/temporalio/ui-server is automatically updated to mirror changes to https://github.com/temporalio/ui/tree/main/server; commits should be made to the UI repository.
For contributions follow UI's development guide https://github.com/temporalio/ui
The development server uses Air for automatic hot reloading when Go source files change. Air will be automatically installed on first run in development mode, which may take a moment.
The server supports flexible CORS configuration through YAML config files:
cors:
allowOrigins:
- "https://example.com"
- "https://app.example.com"
unsafeAllowAllOrigins: false # Default: false
cookieInsecure: false
Configuration Options:
allowOrigins: List of explicitly allowed origins for CORS requestsunsafeAllowAllOrigins: ⚠️ UNSAFE - When true, allows any origin that makes a request. Only enable for development/testing environmentscookieInsecure: Allow CSRF cookies over insecure connections (useful for VPN scenarios)Security Note: The unsafeAllowAllOrigins setting bypasses CORS security and should never be enabled in production. It dynamically allows the requesting origin, which can expose your API to cross-origin attacks.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
Security News
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.
Research
North Korean threat actors linked to the Contagious Interview campaign return with 35 new malicious npm packages using a stealthy multi-stage malware loader.