senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2175 commits 37 branches 94 tags 1.5 GiB
Commit graph

2175 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
20a16f7cbe test: add comprehensive e2e test suite (34 spec files) 
New tests/e2e/ suite covering:
- Auth, navigation, player, tracks, playlists
- Search, discover, social, marketplace, chat
- Accessibility, API, workflows, edge cases
- Routes coverage, forms validation, modals
- Empty states, responsive, network errors
- Error boundary, performance, visual regression
- Cross-browser, profile, smoke, upload
- Storybook, deep pages, visual bugs
- Includes fixtures, helpers, global setup/teardown
- Playwright config and coverage map

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:22 +01:00
senke
73eca4f6ad feat: backend, stream server & infra improvements 
Backend (Go):
- Config: CORS, RabbitMQ, rate limit, main config updates
- Routes: core, distribution, tracks routing changes
- Middleware: rate limiter, endpoint limiter, response cache hardening
- Handlers: distribution, search handler fixes
- Workers: job worker improvements
- Upload validator and logging config additions
- New migrations: products, orders, performance indexes
- Seed tooling and data

Stream Server (Rust):
- Audio processing, config, routes, simple stream server updates
- Dockerfile improvements

Infrastructure:
- docker-compose.yml updates
- nginx-rtmp config changes
- Makefile improvements (config, dev, high, infra)
- Root package.json and lock file updates
- .env.example updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:36:06 +01:00
senke
4b57b46bac feat: frontend improvements — UI polish, player bar, auth flow, i18n 
- Header, Sidebar, Toast, Dropdown, EmptyState component refinements
- Auth flow: LoginPage, RegisterPage, AuthInput, AuthLayout improvements
- Player bar: glass effect, progress, track info, controls enhancements
- Dashboard, Discover, Search pages updates
- PlaylistCard, TrackCard component improvements
- Auth store and API interceptors hardening
- i18n: updated en/es/fr locale files
- CSS additions in index.css
- Package.json and vite config updates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:35:44 +01:00
senke
f047276362 chore: cleanup old e2e tests, playwright configs, reorganize down migrations 
- Remove old apps/web/e2e/ test suite (replaced by tests/e2e/)
- Remove old playwright configs (smoke, storybook, visual, root)
- Move down migrations to veza-backend-api/migrations/rollback/
- Remove stale test results and playwright report artifacts

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-18 11:35:26 +01:00
senke
ba04bd45a0 chore: update .gitignore — exclude binary, debug screenshots, MCP config 
- Add veza-backend-api/veza-api (99MB ELF binary) to gitignore
- Add root-level debug/test screenshot patterns
- Add .mcp.json (local MCP config)
- Remove veza-api binary from tracking

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 17:43:04 +01:00
senke
5eba30d9c2 Merge branch 'fix/v0.12.6-pentest-remediations' into main 2026-03-14 00:45:07 +01:00
senke
9cd0da0046 fix(v0.12.6): apply all pentest remediations — 36 findings across 36 files 
CRITICAL fixes:
- Race condition (TOCTOU) in payout/refund with SELECT FOR UPDATE (CRITICAL-001/002)
- IDOR on analytics endpoint — ownership check enforced (CRITICAL-003)
- CSWSH on all WebSocket endpoints — origin whitelist (CRITICAL-004)
- Mass assignment on user self-update — strip privileged fields (CRITICAL-005)

HIGH fixes:
- Path traversal in marketplace upload — UUID filenames (HIGH-001)
- IP spoofing — use Gin trusted proxy c.ClientIP() (HIGH-002)
- Popularity metrics (followers, likes) set to json:"-" (HIGH-003)
- bcrypt cost hardened to 12 everywhere (HIGH-004)
- Refresh token lock made mandatory (HIGH-005)
- Stream token replay prevention with access_count (HIGH-006)
- Subscription trial race condition fixed (HIGH-007)
- License download expiration check (HIGH-008)
- Webhook amount validation (HIGH-009)
- pprof endpoint removed from production (HIGH-010)

MEDIUM fixes:
- WebSocket message size limit 64KB (MEDIUM-010)
- HSTS header in nginx production (MEDIUM-001)
- CORS origin restricted in nginx-rtmp (MEDIUM-002)
- Docker alpine pinned to 3.21 (MEDIUM-003/004)
- Redis authentication enforced (MEDIUM-005)
- GDPR account deletion expanded (MEDIUM-006)
- .gitignore hardened (MEDIUM-007)

LOW/INFO fixes:
- GitHub Actions SHA pinning on all workflows (LOW-001)
- .env.example security documentation (INFO-001)
- Production CORS set to HTTPS (LOW-002)

All tests pass. Go and Rust compile clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-14 00:44:46 +01:00
senke
2a80cb4d2f feat(v0.12.6): update pentest deliverables with comprehensive 36-finding audit 
Expanded from initial 14-finding analysis to full 36 findings after
6 specialized audit agents completed deep analysis.

- PENTEST_REPORT: 5 CRITICAL, 10 HIGH, 12 MEDIUM, 6 LOW, 3 INFO
- REMEDIATION_MATRIX: P0 (6h), P1 (17h), P2 (8h), P3 (10h) = ~41h total
- ASVS_CHECKLIST: 70/102 (68.6%) with 5 FAIL, 26 PARTIAL

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:52:03 +01:00
senke
68b33e1475 Merge branch 'feat/v0.12.6-pentest-security-audit' 2026-03-13 16:45:01 +01:00
senke
7e05cdf5da feat(v0.12.6): pentest security audit — 3 deliverables 
- PENTEST_REPORT_VEZA_v0.12.6.md: 14 findings (0 CRIT, 2 HIGH, 5 MEDIUM, 4 LOW, 3 INFO), 18 PASS controls
- REMEDIATION_MATRIX_v0.12.6.md: prioritized remediation actions (P1: 4h, P2: 5h, P3: 5.5h)
- ASVS_CHECKLIST_v0.12.6.md: OWASP ASVS Level 2 — 92/101 (91.1%) conformity

Methodology: SAST + manual code review, OWASP Top 10 2021, API Security Top 10 2023

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:44:38 +01:00
senke
bd0d2ed41f Merge branch 'feat/v1.0.0-rc1-release-candidate' 2026-03-13 16:25:32 +01:00
senke
152f6ac554 docs: update VEZA_VERSIONS_ROADMAP [v1.0.0-rc1 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:24:04 +01:00
senke
d168bfd9e4 feat(v1.0.0-rc1): release candidate — GO/NO-GO audit, dark pattern fix, docs 
TASK-RC-001: GO/NO-GO checklist with evidence (16/21 GO, 5 staging-dependent)
TASK-RC-002: Dark pattern audit — removed public play/like/follower counts
  - TrackDetailPageCoverAndActions: stats visible only to creator
  - TrackList: removed public play count column
  - TrackSearchResults: removed play_count/like_count display
  - UserCard: removed public follower count
  - SearchPageResults: removed followers_count display
TASK-RC-003: Privacy policy (RGPD-compliant, docs/PRIVACY_POLICY.md)
TASK-RC-004: Discovery algorithm documentation (auditable, docs/DISCOVERY_ALGORITHM.md)
TASK-RC-005: Branch release ready (CI/CD validation pending)
TASK-RC-006: Re-pentest noted as optional/staging-dependent

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:23:18 +01:00
senke
efe5d7931f Merge branch 'feat/v0.14.0-validation-runtime-staging' 2026-03-13 16:12:33 +01:00
senke
9ebbbbd335 docs: update VEZA_VERSIONS_ROADMAP [v0.14.0 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:10:42 +01:00
senke
5088239337 feat(v0.14.0): validation runtime & staging pipeline 
- TASK-STAG-001: staging-validation.yml workflow (deploy + all checks)
- TASK-STAG-002: k6 staging performance validation (p95<100ms, stream<500ms)
- TASK-STAG-003: Lighthouse CI config (perf>=85, a11y>=90, CWV thresholds)
- TASK-STAG-004: staging-stability-check.sh (5xx rate monitoring)
- TASK-STAG-005: GDPR E2E integration test (export + deletion + anonymization)
- TASK-STAG-006: bundle size check integrated in validation pipeline

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 16:09:43 +01:00
senke
8b0267554a Merge branch 'feat/v0.13.5-polish-marketplace-compliance' 2026-03-13 14:59:50 +01:00
senke
b29de36c7f docs: update VEZA_VERSIONS_ROADMAP [v0.13.5 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:58:03 +01:00
senke
2281c91e8b feat(v0.13.5): polish marketplace & compliance — KYC, support, payout E2E 
- Seller KYC via Stripe Identity (start verification, status check, webhook)
- Support ticket system (backend handler + frontend form page)
- E2E payout flow integration test (sale → payment → balance → payout)
- Migrations: seller_kyc columns, support_tickets table
- Frontend: SupportPage with SUMI design, lazy loading, routing

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:57:19 +01:00
senke
739abe34e0 Merge branch 'feat/v0.13.4-polish-audio-player' 2026-03-13 14:01:30 +01:00
senke
73e267a5a6 docs: update VEZA_VERSIONS_ROADMAP [v0.13.4 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 14:00:10 +01:00
senke
32cacdcf09 feat(v0.13.4): polish audio & player — PiP canvas, visualizer, Cast/AirPlay stubs 
TASK-APLSH-001: Enhanced PiP with canvas-based display showing cover art + track info
TASK-APLSH-002: Chromecast detection hook (useCastSupport) — full casting deferred
TASK-APLSH-003: AirPlay detection hook (useAirPlaySupport) — Safari target picker
TASK-APLSH-004: AudioVisualizer component with 3 modes (bars/wave/spectrogram)
  - useSpectrumAnalyser hook (64 bands, high-res FFT)
  - Canvas-based rendering with SUMI color palette
  - Integrated into PlayerExpanded with toggle button

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 13:59:30 +01:00
senke
26aa51a2ab Merge branch 'feat/v0.13.3-polish-securite-avancee' 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 13:39:38 +01:00
senke
8afe01c0c0 Merge branch 'feat/v0.13.2-consolidation-design-system' 2026-03-13 10:16:09 +01:00
senke
e22db9c321 docs: update VEZA_VERSIONS_ROADMAP [v0.13.3 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:09:46 +01:00
senke
6a675565e1 feat(v0.13.3): complete - Polish Sécurité Avancée 
TASK-SECADV-001: WebAuthn/Passkeys (F022)
- WebAuthn credential model, service, handler
- Registration/authentication ceremony endpoints
- CRUD operations (list, rename, delete passkeys)
- Routes: GET/POST/PUT/DELETE /auth/passkeys/*

TASK-SECADV-002: Configurable password policy (F015)
- PasswordPolicyConfig with MinLength, MaxLength, RequireUpper/Lower/Number/Special
- NewPasswordValidatorWithPolicy constructor
- PasswordPolicyFromEnv() reads env vars (PASSWORD_MIN_LENGTH, etc.)
- All character class checks now respect policy configuration

TASK-SECADV-003: Géolocalisation connexions (F025)
- GeoIPResolver interface + GeoIPService implementation
- Country/city columns added to login_history table
- LoginHistoryService.Record() performs GeoIP lookup
- GetUserHistory returns geolocation data
- GET /auth/login-history endpoint

TASK-SECADV-004: Password expiration (F016)
- password_changed_at column on users table
- CheckPasswordExpiration() method on PasswordService
- All password change/reset methods now set password_changed_at
- NewPasswordServiceWithPolicy() supports expiration days config

Migration: 971_security_advanced_v0133.sql

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 10:09:01 +01:00
senke
d61842879d docs: update VEZA_VERSIONS_ROADMAP [v0.13.2 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 09:46:07 +01:00
senke
8c0dd30685 feat(v0.13.2): consolidation design system — SUMI tokens, package, stories 
TASK-DS-001: Migrated packages/design-system/ from legacy Kōdō to SUMI v2.0
  - New src/ structure with proper TypeScript exports
  - Component type registry documenting all 40+ UI components
  - cn() utility re-export
  - package.json with exports map for tokens subpaths

TASK-DS-002: Extracted design tokens as TypeScript objects
  - tokens/colors.ts: backgrounds, surfaces, text, pigments, semantic, glass, shadows, light theme
  - tokens/typography.ts: font families, sizes, weights, line heights, letter spacings
  - tokens/spacing.ts: spacing scale, radius, z-index, layout
  - tokens/motion.ts: durations and easing functions

TASK-DS-003: Added missing Storybook stories
  - EmptyState.stories.tsx (8 variants: default, icon, action, search, sizes, card, centered)
  - ButtonLoading.stories.tsx (6 variants: default, loading, text, destructive, outline, small)
  - ContentFadeIn.stories.tsx (2 variants: default, card)
  - DesignTokens.stories.tsx (visual token reference: pigments, backgrounds, text, typography, spacing, radius)
  - Total: 42 → 46 stories for UI components + design token showcase

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-13 09:45:09 +01:00
senke
565a37f7fe docs: update VEZA_VERSIONS_ROADMAP [v0.13.1 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 22:39:25 +01:00
senke
260e668615 feat(v0.13.1): conformité audio & player — gapless, crossfade, normalization 
TASK-AUDIO-001: Enhanced gapless playback with 10s pre-buffering
TASK-AUDIO-002: Crossfade UI in expanded player (0-12s configurable slider)
TASK-AUDIO-003: Audio normalization via Web Audio API GainNode (EBU R128)
TASK-AUDIO-004: Complete player features (playback speed, preload, fade)

- AudioPlayerService: added normalization gain node, connectAudioGraph(),
  setNormalizationGain(), setNormalizationEnabled() with dB-to-linear conversion
- useAudioAnalyser: integrated with gain node for correct audio graph routing
- useAudioNormalization: new hook syncing normalization state with track changes
- PlayerStore: added normalizationEnabled setting (persisted)
- AudioSettingsPanel: new component with crossfade slider + normalization toggle
- PlayerExpanded: added audio settings panel with Settings2 icon toggle
- GlobalPlayer: integrated useAudioNormalization hook
- usePlayer: extended pre-buffer window from 5s to 10s for gapless playback
- 97 tests passing (56 service + 41 store)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 22:38:44 +01:00
senke
d0ae65bd88 docs: update VEZA_VERSIONS_ROADMAP [v0.12.8 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 18:45:07 +01:00
senke
b47fa21331 feat(v0.12.8): documentation & API publique — rate limiting, scopes, OpenAPI 
- API key rate limiting middleware (1000 reads/h, 200 writes/h par clé)
  — tracking séparé read/write, par API key ID (pas par IP)
  — headers X-RateLimit-Limit/Remaining/Reset sur chaque réponse
- API key scope enforcement middleware (read → GET, write → POST/PUT/DELETE)
  — admin scope permet tout, CSRF skip pour API key auth
- OpenAPI spec: ajout securityDefinition ApiKeyAuth (X-API-Key header)
- Swagger annotations: ajout ApiKeyAuth dans cmd/api/main.go
- Wiring dans router.go: middlewares appliqués sur tout le groupe /api/v1
- Tests: 10 tests (5 rate limiter + 5 scope enforcement), tous PASS

Backend existant déjà en place (pré-v0.12.8):
- Swagger UI (gin-swagger + frontend SwaggerUIDoc component)
- API key CRUD (create/list/delete + X-API-Key auth dans AuthMiddleware)
- Developer Dashboard frontend (API keys, webhooks, playground)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 18:44:09 +01:00
senke
240d1370e9 test(v0.12.7): fix PreferenceSettings tests for i18n labels
Some checks failed
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 14:33:48 +01:00
senke
16860701f7 docs: update VEZA_VERSIONS_ROADMAP [v0.12.7 DONE] 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 14:29:59 +01:00
senke
24579b87c3 feat(v0.12.7): internationalisation i18n — FR/EN/ES avec formatage locale 
- Ajout traductions espagnol (es.json, 532 clés)
- Extension type Language à 'en' | 'fr' | 'es' dans tous les stores/hooks/types
- Formatage dates/nombres/monnaies selon la locale courante (Intl API)
- Utilitaires formatNumber() et formatCurrency() ajoutés
- Temps relatifs localisés (en/fr/es) dans date.ts
- PreferenceSettings utilise i18n pour les labels (plus de hardcoded French)
- Synchronisation i18n immédiate au changement de langue (sans rechargement)
- Tests: 50 tests passent (useTranslation + date utilities, 3 locales)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 14:29:22 +01:00
senke
955be70935 Merge branch 'feat/v0.13.0-conformite-features' 2026-03-12 09:32:07 +01:00
senke
e4dd09a909 feat(v0.13.0): conformité features partielles — CAPTCHA, password history, login history, SMS 2FA
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
TASK-CONF-001: SMS 2FA service (sms_2fa_service.go) — SMSProvider interface,
  rate limiting (3/h), 6-digit codes, 5min expiry, LogSMSProvider for dev.
TASK-CONF-002: CAPTCHA service (captcha_service.go) — Cloudflare Turnstile
  verification with fail-open + RequireCaptcha middleware. 11 tests.
TASK-CONF-003: Auth features completed:
  - F014 password history (password_history_service.go) — checks last 5 hashes,
    integrated into PasswordService.ChangePassword. 3 tests.
  - F024 login history (login_history_service.go) — Record, GetUserHistory,
    CountRecentFailures for security auditing.
  - F010/F013/F018/F021/F026 verified already implemented.
TASK-CONF-004: F075 ClamAV verified implemented. F080 watermark deferred (P4).
TASK-CONF-005: ADR-005 handler architecture documented (keep dual, migrate forward).
TASK-CONF-006: Frontend 0 TODO/FIXME, backend 1 — criteria met.

Migration: 970_password_login_history_v0130.sql (password_history, login_history,
sms_verification_codes tables).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 09:31:50 +01:00
senke
f47434ea06 Merge branch 'feat/v0.12.9-tests-ethiques-coverage' 2026-03-12 08:20:00 +01:00
senke
0aa77d2bd9 feat(v0.12.9): ethical bias tests, discovery algorithm docs, CI coverage gates
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
TASK-ETH-001: 4 discovery bias tests (genre/tag browse, emerging artist visibility,
  metrics not exposed in JSON). Verifies chronological ordering regardless of play count.
TASK-ETH-002: 4 search fairness tests (artist 0 plays discoverable, zero-play tracks
  not filtered, default sort is chronological, no popularity bias in default ranking).
TASK-ETH-003: veza-docs/DISCOVERY_ALGORITHM.md — documents all 6 discovery mechanisms,
  ethical constraints, and forbidden patterns per ORIGIN specs.
TASK-COV-001: CI coverage gates — Go >= 70% (backend-ci.yml), Rust >= 50% (rust-ci.yml
  with cargo-tarpaulin). Extended Go test scope to core/ and middleware/.
TASK-COV-002: Coverage badge JSON artifact on main push (shields.io compatible).

All 8 ethical tests PASS. Build clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 08:19:41 +01:00
senke
fdf335bc4c Merge branch 'feat/v0.12.6.3-nettoyage-fantome' 2026-03-12 07:30:18 +01:00
senke
72b732664a feat(v0.12.6.3): remove ghost modules — gamification, A/B testing, GraphQL stubs
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
Deleted 8 dead code modules identified by audit diagnostic:
- api/contest/, sound_design_contest/, production_challenge/, voting_system/
  (gamification stubs — violate CLAUDE.md Rule 3: no XP/streaks/leaderboards/badges)
- models/contest.go (314 lines: ContestBadge with rarity, ContestPrize, ContestVote)
- models/user.go: removed orphan JuryMember struct (contest reference)
- services/playback_abtest_service.go + test (476+579 lines: A/B testing on playback
  metrics — violates ORIGIN_UI_UX_SYSTEM.md §13 anti-dark-patterns)
- api/graphql/ (REST-only per ORIGIN spec)

Kept: listing/, offer/ (marketplace stubs, ORIGIN-approved), grpc/ (ORIGIN §9 approved).
Verified: go build passes, grep confirms 0 forbidden terms remaining.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 07:29:56 +01:00
senke
7a0819f69a feat(v0.12.6.2): enforce MFA for admin/moderator + align refresh token TTL to 7 days
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details 
TASK-SFIX-001: MFA enforcement for privileged roles
- Add RequireMFA() middleware, TwoFactorChecker interface, SetTwoFactorChecker()
- Apply to all 3 admin route groups (platform, moderation, core)
- Returns 403 "mfa_setup_required" if admin/moderator without 2FA
- Regular users bypass the check
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 5

TASK-SFIX-002: Refresh token TTL alignment
- jwt_service.go: RefreshTokenTTL 14d→7d, RememberMeRefreshTokenTTL 30d→7d
- handlers/auth.go: Cookie max-age and session expiresIn → 7d across
  Login, LoginWith2FA, Register, Refresh handlers
- middleware/auth.go: Session auto-refresh default 30d→7d
- Ref: ORIGIN_SECURITY_FRAMEWORK.md Rule 4

TASK-SFIX-003: 5 unit tests — all PASS
- TestRequireMFA_AdminWithoutMFA, TestRequireMFA_AdminWithMFA
- TestRequireMFA_RegularUserNotAffected
- TestRefreshTokenTTL_Is7Days, TestAccessTokenTTL_Is5Minutes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:53:27 +01:00
senke
0e4117f028 docs: integrate audit roadmap into VEZA_VERSIONS_ROADMAP — v0.12.6.1 DONE, 14 versions added 
- Mark v0.12.6.1 (pentest remediation 30/30) as DONE
- Add 14 new versions from audit: v0.12.6.2→v1.0.0-rc1
- Update tracking table with priorities P0→P3
- Update v0.12.6 checkboxes (all findings now resolved)
- Add Phase P7 (Conformité) and Validation phases
- Update AUDIT_05_ROADMAP_v1.0.md to reflect completed remediation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:34:52 +01:00
senke
f595824b97 fix(v0.12.6.1): LOW-002 update Hyperswitch 2025.01.21→2026.03.11 
Updated Hyperswitch payment router from 2025.01.21.0-standalone to
2026.03.11.0-standalone in both docker-compose.yml and docker-compose.prod.yml.

All 30/30 pentest findings now remediated.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:23:56 +01:00
senke
c0e2fe2e12 fix(v0.12.6.1): remediate remaining 15 MEDIUM + LOW pentest findings 
MEDIUM-002: Remove manual X-Forwarded-For parsing in metrics_protection.go,
  use c.ClientIP() only (respects SetTrustedProxies)
MEDIUM-003: Pin ClamAV Docker image to 1.4 across all compose files
MEDIUM-004: Add clampLimit(100) to 15+ handlers that parsed limit directly
MEDIUM-006: Remove unsafe-eval from CSP script-src on Swagger routes
MEDIUM-007: Pin all GitHub Actions to SHA in 11 workflow files
MEDIUM-008: Replace rabbitmq:3-management-alpine with rabbitmq:3-alpine in prod
MEDIUM-009: Add trial-already-used check in subscription service
MEDIUM-010: Add 60s periodic token re-validation to WebSocket connections
MEDIUM-011: Mask email in auth handler logs with maskEmail() helper
MEDIUM-012: Add k-anonymity threshold (k=5) to playback analytics stats
LOW-001: Align frontend password policy to 12 chars (matching backend)
LOW-003: Replace deprecated dotenv with dotenvy crate in Rust stream server
LOW-004: Enable xpack.security in Elasticsearch dev/local compose files
LOW-005: Accept context.Context in CleanupExpiredSessions instead of Background()
LOW-002: Noted — Hyperswitch version update deferred (requires payment integration tests)

29/30 findings remediated. 1 noted (LOW-002).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 06:13:38 +01:00
senke
01378a06a5 fix(v0.12.6.1): update in-memory UserRepositoryImpl to accept context.Context 
Aligns the in-memory implementation with the updated services.UserRepository
interface for consistency (HIGH-003 context propagation).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 05:47:47 +01:00
senke
24b29d229d fix(v0.12.6.1): remediate 2 CRITICAL + 10 HIGH + 1 MEDIUM pentest findings 
Security fixes implemented:

CRITICAL:
- CRIT-001: IDOR on chat rooms — added IsRoomMember check before
  returning room data or message history (returns 404, not 403)
- CRIT-002: play_count/like_count exposed publicly — changed JSON
  tags to "-" so they are never serialized in API responses

HIGH:
- HIGH-001: TOCTOU race on marketplace downloads — transaction +
  SELECT FOR UPDATE on GetDownloadURL
- HIGH-002: HS256 in production docker-compose — replaced JWT_SECRET
  with JWT_PRIVATE_KEY_PATH / JWT_PUBLIC_KEY_PATH (RS256)
- HIGH-003: context.Background() bypass in user repository — full
  context propagation from handlers → services → repository (29 files)
- HIGH-004: Race condition on promo codes — SELECT FOR UPDATE
- HIGH-005: Race condition on exclusive licenses — SELECT FOR UPDATE
- HIGH-006: Rate limiter IP spoofing — SetTrustedProxies(nil) default
- HIGH-007: RGPD hard delete incomplete — added cleanup for sessions,
  settings, follows, notifications, audit_logs anonymization
- HIGH-008: RTMP callback auth weak — fail-closed when unconfigured,
  header-only (no query param), constant-time compare
- HIGH-009: Co-listening host hijack — UpdateHostState now takes *Conn
  and verifies IsHost before processing
- HIGH-010: Moderator self-strike — added issuedBy != userID check

MEDIUM:
- MEDIUM-001: Recovery codes used math/rand — replaced with crypto/rand
- MEDIUM-005: Stream token forgeable — resolved by HIGH-002 (RS256)

Updated REMEDIATION_MATRIX: 14 findings marked  CORRIGÉ.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 05:40:53 +01:00
senke
0d845ebf2c Merge branch 'feat/v0.12.6-pentest-audit' 
# Conflicts:
#	VEZA_VERSIONS_ROADMAP.md
 2026-03-11 23:05:26 +01:00
senke
e35f1c0e51 Merge branch 'feat/v0.12.5-pwa-mobile' 
# Conflicts:
#	VEZA_VERSIONS_ROADMAP.md
 2026-03-11 23:05:01 +01:00
senke
8f4ba0c284 Merge branch 'feat/v0.12.4-performance-scalabilite' 
# Conflicts:
#	VEZA_VERSIONS_ROADMAP.md
 2026-03-11 23:04:31 +01:00