senke
a007f4c7e4
fix(release): v1.0.2 — Conformité complète V1_SIGNOFF (21 critères)
...
Backend API CI / test-unit (push) Failing after 0s
Backend API CI / test-integration (push) Failing after 0s
Frontend CI / test (push) Failing after 0s
Storybook Audit / Build & audit Storybook (push) Failing after 0s
- Couverture Go: script coverage_report.sh, 39% mesuré
- Vitest thresholds frontend 50%
- Load test WebSocket: CHAT_ORIGIN→backend, WS_URL=/api/v1/ws
- Tests: chat_service (WSUrl), password_service (hash/expired)
- V1_SIGNOFF: 14 PASS, 7 N/A documentés
- PERFORMANCE_BASELINE, RGPD, PWA tables v1.0.2
- Runbooks, Grafana, Secrets validés
2026-03-03 21:18:53 +01:00
senke
7ede202e95
fix(release): v1.0.1 — Conformité complète ROADMAP checklist
...
Backend API CI / test-unit (push) Failing after 0s
Backend API CI / test-integration (push) Failing after 0s
Stream Server CI / test (push) Failing after 0s
- Sécurité: npm 0 CRITICAL, cargo audit 0 vulnérabilités
- OpenAPI: @Param id corrigé pour /tracks/quota/{id}
- Tests: Payment E2E passe, OAuth DATABASE_URL fallback
- Migrations: 000_mark_consolidated.sql
- veza-stream-server: prometheus 0.14, validator 0.19
- docs: SECURITY_SCAN_RC1, V1_SIGNOFF, PROJECT_STATE
2026-03-03 20:17:54 +01:00
senke
5cf305480c
chore(release): bump VERSION to 1.0.0 — Commercial release
2026-03-03 19:54:04 +01:00
senke
330607aeb3
chore(release): v0.992 RC2 — Release notes, sign-off final
2026-03-03 19:53:41 +01:00
senke
5457d36515
chore: regenerate CHANGELOG, bump VERSION to 0.991 for RC1
2026-03-03 19:52:49 +01:00
senke
80a3e1109b
chore(release): bump VERSION to 0.982
2026-03-03 19:50:29 +01:00
senke
e118199637
chore(release): v0.981 — Beta (staging deploy, bug bash, smoke test)
2026-03-02 19:33:42 +01:00
senke
8138723eca
chore(release): v0.971 — Phantom (gamification removal, WebRTC Beta, limits doc)
2026-03-02 19:25:37 +01:00
senke
c14b08a84e
chore(release): v0.951 — Loadtest (500 req/s, 1000 WS, 50 uploads, perf indexes)
2026-03-02 19:22:38 +01:00
senke
33a2384364
chore(release): v0.962 — Onboard (API ref, onboarding <30min, ADRs)
2026-03-02 19:11:06 +01:00
senke
0301b6d54c
chore(release): v0.952 — Observe (Grafana v1-overview, Prometheus alert_rules_v1)
2026-03-02 19:08:55 +01:00
senke
c38e915025
chore(release): v0.943 — Refactor (split track batch ops to track_batch_service)
2026-03-02 19:07:49 +01:00
senke
e2645cdaa0
chore(release): v0.942 — Compress (migration consolidation procedure, mark script)
2026-03-02 19:05:54 +01:00
senke
1b239d13ab
chore(release): v0.941 — Cleanup (dead code, migrations dedup, deprecated routes)
2026-03-02 19:04:30 +01:00
senke
3c5bb018cb
chore(release): v0.931 — Cursor (cursor-based pagination, performance baseline)
2026-03-02 12:35:49 +01:00
senke
c2aa0483eb
chore(release): v0.922 — Greenlight (handler tests: dashboard, presence)
2026-03-02 12:30:51 +01:00
senke
2dc5b452b2
chore(release): v0.921 — Rustproof (Rust test coverage >30%)
2026-03-02 12:28:20 +01:00
senke
4f47cec05d
feat(v0.923): API contract tests, OpenAPI generation, CI type sync check
2026-02-27 20:23:10 +01:00
senke
e02031044c
feat(v0.912): Cashflow - payment E2E integration tests
...
- Add MarketplaceServiceOverride and AuthMiddlewareOverride to config for tests
- Wire overrides in routes_webhooks and routes_marketplace (authForMarketplaceInterface)
- payment_flow_test: cart -> checkout -> webhook -> order completed, license, transfer
- webhook_idempotency_test: 3 identical webhooks -> 1 order, 1 license
- webhook_security_test: empty secret 500, invalid sig 401, valid sig 200
- refund_flow_test: completed order -> refund -> order refunded, license revoked
- Shared computeWebhookSignature helper in webhook_test_helpers.go
- SetMaxOpenConns(1) for sqlite :memory: in idempotency test to avoid flakiness
Ref: docs/ROADMAP_V09XX_TO_V1.md v0.912 Cashflow
2026-02-27 20:00:51 +01:00
senke
c96be67cbc
feat(auth): v0.911 Keystone - OAuth and auth integration tests
...
- Add access token blacklist on logout (VEZA-SEC-006)
- Extend OAuthService for mock provider injection in tests
- Add oauth_google_test.go: full OAuth Google flow with mocked provider
- Add oauth_github_test.go: OAuth GitHub flow with PKCE verification
- Add token_refresh_test.go: E2E refresh via httpOnly cookies
- Add logout_blacklist_test.go: E2E logout + token blacklist
- Fix testutils import path in resume_upload_test, track_quota_test
- Fix CreatorID -> UserID in track_quota_test
- Add test:integration script to package.json
Release: v0.911 Keystone
2026-02-27 09:58:53 +01:00
senke
515494007f
release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24
...
- ORDER BY dynamiques : whitelist explicite, fallback created_at DESC
- Login/register soumis au rate limiter global
- VERSION sync + check CI
- Nettoyage références veza-chat-server
- Go 1.24 partout (Dockerfile, workflows)
- TODO/FIXME/HACK convertis en issues ou résolus
2026-02-27 09:43:25 +01:00
senke
4c0be12465
release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET
...
- PKCE (S256) in OAuth flow: code_verifier in oauth_states, code_challenge in auth URL
- CryptoService: AES-256-GCM encryption for OAuth provider tokens at rest
- OAuth redirect URL validated against OAUTH_ALLOWED_REDIRECT_DOMAINS
- CHAT_JWT_SECRET must differ from JWT_SECRET in production
- Migration script: cmd/tools/encrypt_oauth_tokens for existing tokens
- Fixes: VEZA-SEC-003, VEZA-SEC-004, VEZA-SEC-009, VEZA-SEC-010
2026-02-26 19:49:15 +01:00
senke
6e204cc98a
feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities
...
- OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001)
- Remove PasswordService.GenerateJWT (VEZA-SEC-002)
- Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005)
- Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006)
- Waveform: ValidateExecPath before exec (VEZA-SEC-007)
2026-02-26 19:34:45 +01:00
senke
3eae916c4b
chore(release): v0.101.0 stable
2026-02-18 18:16:26 +01:00
