senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/chat_exports/veza_ag_chat_7.md

401 lines
10 KiB
Markdown
Raw Permalink Normal View History

report generation and future tasks selection
2025-12-08 18:57:54 +00:00
# Chat Conversation
Note: _This is purely the output of the chat conversation and does not contain any raw data, codebase snippets, etc. used to generate the output._
### User Input
# 🚀 **PHASE 6 — FULL SYSTEM VALIDATION & PRE-RELEASE HARDENING**
Tu démarres maintenant **Phase 6**, après finalisation de :
* **API Contract Final (Phase 5)**
* **OpenAPI 3.1 complète**
* **API Frontend Integration Guide**
* **API stability tests + micro-E2E API flow**
Lobjectif est dobtenir un projet **Veza Backend API** entièrement prêt pour :
* lintégration complète du frontend,
* la mise en staging,
* et la livraison dune **Release Candidate (RC1)**.
Phase 6 consiste en une **validation transversale complète**, au-delà de lAPI :
services, repos, migrations, monitoring, jobs, cohérence transactionnelle, performance minimale, sécurité.
---
# 🎯 OBJECTIF GLOBAL PHASE 6
Garantir que **tout le backend est cohérent, performant, vérifiable, audit-proof**, et prêt à être gelé pour une release RC1.
Phase 6 comprend :
1. **Full Contract Validation**
Vérifier que *chaque endpoint* implémenté respecte exactement :
* OpenAPI 3.1 (schémas, erreurs, enveloppes)
* API Contract Final (types, naming, constraints)
* API Frontend Guide (formes attendues côté client)
2. **Cross-Layer Consistency**
Vérifier que tous les layers respectent lAPI contract :
* handlers
* services
* repositories
* validators
* models
3. **System-Wide Regression Detection**
Déceler toute incohérence introduite depuis Phase 15 :
* migrations manquantes / incohérentes
* sentinel errors non propagées correctement
* inconsistances transients (jobs schedulés, cleanup)
* performance dégradée sur certains services (bitrate adaptation, playlist ops)
4. **Security Hardening**
* Vérifier tout JWT, refresh, scopes, RBAC, forbidden cases
* Sassurer quaucune fuite dexistence (404 vs 403) nexiste
* Vérifier exhaustivement les path parameters (UUID validations)
* Vérifier upload / multipart security (DoS surfaces)
5. **Transaction & Consistency Review**
Inspecter :
* Playlist operations (multi-track reorder)
* Playback analytics batch operations
* Track upload + HLS generation interactions
* Cleanup jobs (session cleanup, token cleanup)
* Room & chat token lifecycle
6. **Performance Budget Check**
(Rapide mais indispensable)
* Latence handler ≤ 5ms local
* JSON parsing stable et sans allocations inutiles
* Repos SQLite tests ≤ 150ms
* Aucun handler neffectue dopération O(N²) inutile
7. **System-Level Tests & Acceptance Criteria**
Créer un pack de tests :
```
tests/system/
TestSystem_AuthAndRefresh
TestSystem_UploadAndTranscode
TestSystem_PlaylistAndTracks
TestSystem_Comments
TestSystem_RoomAndChatToken
TestSystem_AdminEndpoints
```
Ces tests utilisent SQLite + mocks pour services externes.
---
# ✔️ **1. MISSION DÉTAILLÉE**
## A. Vérification de conformité OpenAPI ↔ Code
Pour chaque endpoint :
* comparer handler ↔ DTO ↔ OpenAPI ↔ actual runtime
* détecter :
* champs en trop
* champs manquants
* valeurs incorrectes
* erreurs HTTP non conformes
* enveloppes JSON incorrectes
Produire un tableau :
```
Endpoint | Issue | Severity | Fix
```
## B. Validation JSON & Structs
Analyser tous les DTOs dans :
```
internal/dto/
internal/models/responses.go
internal/handlers/common.go
```
Objectifs :
* snake_case strict
* json tags cohérents
* aucun champ inutile exposé au client
* `omitempty` utilisé intelligemment
* structures uniformes dans toutes les réponses success/error
## C. Security Hardening Review
Inspecter :
* Refresh token logic
* Invalid token behavior
* Expired token behavior
* Missing/invalid scopes
* Playlist privacy leaks
* Chat token misuse
* Session hijacking protections
Corriger toute anomalie.
Un commit = un fix.
## D. Transaction & Consistency Review
Auditer :
* Playlist operations (add/remove/reorder)
* Track upload → session → HLS
* Comment parent/child correctness
* Room creation/join flows
* Playback analytics (intersections, aggregations, comparisons)
Ces couches doivent **toujours** respecter lAPI Contract Final.
## E. Tests système
Créer le dossier :
```
tests/system/
```
Utiliser un runner dédié :
```
go test -v ./tests/system
```
Chaque test doit :
* exécuter un workflow complet
* vérifier la conformité JSON avec les schémas
* vérifier les codes HTTP corrects
* être indépendant (SQLite in-memory)
* être court et stable
## F. Mise à jour des documents
Tu dois mettre à jour :
* `API_CONTRACT_FINAL.md` (ajustements finaux)
* `API_FRONTEND_GUIDE.md` (exemples complets / correction)
* `API_STABILITY_REPORT.md`
* `POST_REMEDIATION_REPORT.md` (Phase 6)
* `CHANGELOG.md`
Et créer :
```
SYSTEM_VALIDATION_REPORT.md
SECURITY_REVIEW_FINAL.md
PERFORMANCE_BUDGET_REPORT.md
```
---
# ✔️ **2. METHODOLOGIE EXÉCUTIVE**
### Étape 1
Scanner toute lAPI (handlers/services/dto/models).
### Étape 2
Générer la liste exhaustive des incohérences.
### Étape 3
Proposer un ordre optimal de résolution P0 → P2.
### Étape 4
Appliquer les correctifs :
**1 commit = 1 problème = 1 justification.**
### Étape 5
Exécuter les tests système.
### Étape 6
Corriger jusquà obtenir **0 regression**.
### Étape 7
Produire les rapports finaux Phase 6.
---
# ✔️ **3. DÉMARRAGE**
Commence maintenant en :
1. Scannant toutes les routes déclarées (cmd/api/main.go, router.go)
2. Comparant immédiatement **OpenAPI ↔ handlers**
3. Produisant une liste P0/P1/P2
4. Appliquant le premier fix
---
# 🚀 **PHASE 6 STARTS NOW — CONTINUE**
*Edited relevant file*
*Edited relevant file*
*User accepted the command `find . -maxdepth 3 -not -path '*/.*'`*
*Viewed [swagger.yaml](file:///home/senke/Documents/veza/veza-backend-api/docs/swagger.yaml) *
*Viewed [router.go](file:///home/senke/Documents/veza/veza-backend-api/internal/api/router.go) *
*Viewed [swagger.json](file:///home/senke/Documents/veza/veza-backend-api/docs/swagger.json) *
*Viewed [API_CONTRACT_FINAL.md](file:///home/senke/Documents/veza/veza-backend-api/API_CONTRACT_FINAL.md) *
*Viewed [auth.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/auth.go) *
*Searched filesystem*
*Viewed [common.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/common.go) *
*Edited relevant file*
*Edited relevant file*
### User Input
*Viewed [main.go](file:///home/senke/Documents/veza/veza-backend-api/cmd/api/main.go) *
*Listed directory [dto](file:///home/senke/Documents/veza/veza-backend-api/internal/dto) *
*Viewed [login_request.go](file:///home/senke/Documents/veza/veza-backend-api/internal/dto/login_request.go) *
*Semantic searched codebase*
*Viewed [response.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/response.go) *
*Viewed [register_request.go](file:///home/senke/Documents/veza/veza-backend-api/internal/dto/register_request.go) *
*Edited relevant file*
*Edited relevant file*
*Viewed [profile_handler.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/profile_handler.go) *
*Edited relevant file*
*Edited relevant file*
*Edited relevant file*
*Listed directory [track](file:///home/senke/Documents/veza/veza-backend-api/internal/core/track) *
*Viewed [handler.go](file:///home/senke/Documents/veza/veza-backend-api/internal/core/track/handler.go) *
*Viewed [response.go](file:///home/senke/Documents/veza/veza-backend-api/internal/response/response.go) *
*Edited relevant file*
*Edited relevant file*
*Edited relevant file*
*Viewed [playlist_handler.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/playlist_handler.go) *
*Edited relevant file*
*Edited relevant file*
*Viewed [chat_handler.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/chat_handler.go) *
*Edited relevant file*
*Edited relevant file*
*Listed directory [handlers](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers) *
*Viewed [marketplace.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/marketplace.go) *
*User accepted the command `swag init -g cmd/api/main.go --parseDependency --parseInternal`*
*User accepted the command `/home/senke/go/bin/swag init -g cmd/api/main.go --parseDependency --parseInternal`*
*Viewed [swagger.yaml](file:///home/senke/Documents/veza/veza-backend-api/docs/swagger.yaml) *
*Viewed [swagger.yaml](file:///home/senke/Documents/veza/veza-backend-api/docs/swagger.yaml) *
*Edited relevant file*
*Edited relevant file*
### User Input
commit ca
*User accepted the command `git status`*
*User accepted the command `git add . && git commit -m "feat(api): remediate missing openapi spec and annotate handlers"`*
*Edited relevant file*
*Edited relevant file*
*Edited relevant file*
*Edited relevant file*
*User accepted the command `go build ./internal/core/track/...`*
*Edited relevant file*
*User accepted the command `go build ./internal/core/track/...`*
*Edited relevant file*
*User accepted the command `git add . && git commit -m "refactor(track): enforce unified api response envelope"`*
*Edited relevant file*
*User accepted the command `go build ./internal/handlers/...`*
*Edited relevant file*
*Listed directory [errors](file:///home/senke/Documents/veza/veza-backend-api/internal/errors) *
*Viewed [errors.go](file:///home/senke/Documents/veza/veza-backend-api/internal/errors/errors.go) *
*Viewed [codes.go](file:///home/senke/Documents/veza/veza-backend-api/internal/errors/codes.go) *
*Edited relevant file*
*User accepted the command `go build ./internal/handlers/...`*
*Viewed [marketplace.go](file:///home/senke/Documents/veza/veza-backend-api/internal/handlers/marketplace.go) *
*User accepted the command `go build ./internal/handlers/...`*
*Edited relevant file*
*User accepted the command `go build ./internal/handlers/...`*
*User accepted the command `/home/senke/go/bin/swag init -g cmd/api/main.go --parseDependency --parseInternal`*
*Edited relevant file*
*Edited relevant file*
*User accepted the command `git add . && git commit -m "refactor(marketplace): enforce unified api response envelope"`*
Reference in a new issue Copy permalink