Commit graph

63 commits

Author SHA1 Message Date
senke
1831708f6a [BE-SEC-001] security: Fix ownership verification for user profile updates
- Verified RequireOwnershipOrAdmin middleware is correctly applied to PUT /users/:id
- Added integration tests for ownership verification
- Test: user cannot update another user's profile (403 Forbidden)
- Test: admin can update any profile (200 OK)
- Test: user can update own profile (200 OK)
- All tests pass

Phase: PHASE-1
Priority: P0
Progress: 1/267 (0.4%)
2025-12-23 01:36:04 +01:00
senke
aecd3b369a fix(MVP-015): Standardize remember_me field name to snake_case 2025-12-22 23:27:51 +01:00
senke
b43caee67c fix(MVP-014): Add CORS credentials configuration validation 2025-12-22 23:17:24 +01:00
senke
9e41db9614 fix(MVP-013): Add error correlation with request IDs in logs 2025-12-22 23:13:49 +01:00
senke
26a1f1e624 fix(MVP-012): Add retry logic with exponential backoff for 502/503 errors 2025-12-22 23:10:52 +01:00
senke
de6b816877 fix(MVP-011): Simplify token refresh response handling to single format 2025-12-22 23:06:52 +01:00
senke
73c305033a fix(MVP-010): Fix error code type in Zod schemas (string → number) 2025-12-22 23:05:08 +01:00
senke
f0033de6e8 fix(MVP-009): Fix GetMe endpoint to return full user object from database 2025-12-22 23:03:46 +01:00
senke
3e53dc880b fix(MVP-008): Add feature flags to disable non-MVP features with missing endpoints 2025-12-22 23:01:36 +01:00
senke
36ea934917 fix(MVP-007): Fix profile endpoint paths to match backend routes 2025-12-22 22:58:18 +01:00
senke
6310c5d6ed fix(MVP-006): Standardize environment variable names (VITE_API_BASE_URL → VITE_API_URL) 2025-12-22 22:56:37 +01:00
senke
64991faf63 batch 1 2025-12-22 22:00:50 +01:00
senke
d41a9fd8e9 fix(INT-000002): Multiple Auth Storage Mechanisms
- Unified token storage to use TokenStorage service
- Removed deprecated token-manager.ts
- Removed fallback storage logic in API client
- Updated tests and feature components to use TokenStorage

Resolves: INT-000002
Severity: P0
2025-12-22 09:53:47 -05:00
senke
c5eb89d7f5 fix(INT-000001): CORS Configuration Will Break Production
- Updated docker-compose.production.yml to set APP_ENV=production
- Added CORS_ALLOWED_ORIGINS configuration to backend-api service
- Created integration tracking documents

Resolves: INT-000001
Severity: P0
2025-12-22 09:39:48 -05:00
senke
bb4be56b28 reviewing and documenting frontend x backend integration status 2025-12-21 19:41:45 -05:00
senke
e4212ee594 stabilizing apps/web: THIRD BATCH - FIXED Playwright 2025-12-21 18:55:51 -05:00
senke
e518b70067 stabilizing apps/web: SECOND BATCH - FIXING Playwright 2025-12-17 12:20:42 -05:00
senke
da606b2d01 fix(frontend): STATUS OVERVIEW 2025-12-17 09:20:58 -05:00
senke
e6c9f80d68 fix(frontend): stabilize architecture (router, lazy loading, build, auth) 2025-12-17 09:15:45 -05:00
senke
3cd3d1ad0f stabilizing apps/web: FIRST BATCH 2025-12-17 08:07:35 -05:00
senke
8106eb7727 stabilizing apps/web: SITUATION AWARENESS 2025-12-16 14:40:16 -05:00
senke
e46f123388 stabilizing veza-backend-api: LAST REMEDIATION 2025-12-16 14:07:36 -05:00
senke
6a1de0505d stabilizing veza-backend-api: P3 - FINAL 2025-12-16 13:37:36 -05:00
senke
d341c8f847 stabilizing veza-backend-api: P1 & P2 2025-12-16 13:34:08 -05:00
senke
ebc2d24564 stabilizing veza-backend-api: P0 2025-12-16 11:59:56 -05:00
senke
94555e7ae4 stabilizing veza-backend-api: phase 1 2025-12-16 11:23:49 -05:00
senke
feb7283cd4 overhaul: backend-api go first; phase 1 2025-12-12 21:34:34 -05:00
okinrev
af70084298 report generation and future tasks selection 2025-12-08 19:57:54 +01:00
okinrev
1a7a0d3e6f fix(redis,rabbitmq): clean dev/lab behavior 2025-12-07 14:28:55 +01:00
okinrev
3971574b25 chore(dev): add lab migration and run scripts 2025-12-07 14:27:51 +01:00
okinrev
94a4e72849 fix(health): make readiness check reflect real dependency state 2025-12-07 14:27:07 +01:00
okinrev
7225bbfbdf fix(db): align automatic migrations with SQL files 2025-12-07 14:26:48 +01:00
okinrev
ce05b6792c
Merge pull request #2 from okinrev/remediation/full_audit_fix
Remediation/full audit fix
2025-12-06 17:53:06 +01:00
okinrev
7fdfb711da refactor(marketplace): enforce unified api response envelope 2025-12-06 17:39:04 +01:00
okinrev
5509885a4d refactor(track): enforce unified api response envelope 2025-12-06 17:37:00 +01:00
okinrev
88a8bfdce0 feat(api): remediate missing openapi spec and annotate handlers 2025-12-06 17:34:18 +01:00
okinrev
65af2570a8 STABILISATION: phase 3–5 – API contract, tests & chat-server hardening 2025-12-06 17:21:59 +01:00
okinrev
d34dbec09e STABILISATION: phase 1 & phase 2 2025-12-06 14:45:07 +01:00
okinrev
97d1a95d62 feat(backend-worker): persist job queue in postgres 2025-12-06 13:32:32 +01:00
okinrev
a45f5aba83 docs(remediation): add audit report, remediation plan and changelog skeleton 2025-12-06 13:25:54 +01:00
okinrev
f79631c121 fix(chat-server): finalize HTTP auth and startup wiring 2025-12-06 13:25:25 +01:00
okinrev
b726be3c42 chore(backend-tests): remove obsolete metrics and profile/system_metrics tests 2025-12-06 13:25:10 +01:00
okinrev
f60e186db8 security(chat-server): implement auth middleware and permission checks for HTTP API 2025-12-06 13:18:12 +01:00
okinrev
bbd3f4ce00 fix(backend-tests): enable room_handler_test and resolve metric collisions 2025-12-06 12:53:15 +01:00
okinrev
388d361e7a feat(chat-server): implement graceful shutdown with OS signal handling 2025-12-06 12:02:46 +01:00
okinrev
109ca3cb82 feat(chat-server): implement 60s inactivity heartbeat timeout 2025-12-06 12:00:20 +01:00
okinrev
e169a982d3 fix(stream-processor): replace unsafe abort with graceful join to drain events 2025-12-06 11:52:34 +01:00
okinrev
f33e6055ea chore(backend): remove legacy migrations and main file 2025-12-06 11:50:22 +01:00
okinrev
f72bac7787 fix(backend-worker): replace blocking sleep with non-blocking scheduler 2025-12-06 11:49:54 +01:00
okinrev
8cbfcb5789
Merge pull request #1 from okinrev/fix/p0-backend-chat-stream-stabilization
Fix/p0 backend chat stream stabilization
2025-12-06 11:27:31 +01:00