senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2174 commits 37 branches 94 tags 1.5 GiB
Commit graph

2174 commits

This branch
This branch
All branches
Author SHA1 Message Date
senke
b7434acf5a v0.9.8 beta 2026-03-07 00:54:35 +01:00
senke
9721e36289 v0.9.8 2026-03-06 19:13:16 +01:00
senke
7df866cd3f v0.9.7 beta 2026-03-06 18:58:37 +01:00
senke
99136948cb v0.9.7 2026-03-06 18:52:08 +01:00
senke
05446064ea v0.9.6 2026-03-06 10:29:30 +01:00
senke
9fa7f3a4d2 v0.9.5 2026-03-06 10:02:53 +01:00
senke
cd974172cb v0.9.4 2026-03-05 23:03:43 +01:00
senke
e8e4309ba1 v0.9.3 2026-03-05 19:35:57 +01:00
senke
24fc55c3df finalizing v0.9.2 2026-03-05 19:30:28 +01:00
senke
2956b12645 v0.9.2 2026-03-05 19:27:34 +01:00
senke
9a93068a9b v0.9.1 2026-03-05 19:22:31 +01:00
senke
a007f4c7e4 fix(release): v1.0.2 — Conformité complète V1_SIGNOFF (21 critères)
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Frontend CI / test (push) Failing after 0s
Details
Storybook Audit / Build & audit Storybook (push) Failing after 0s
Details 
- Couverture Go: script coverage_report.sh, 39% mesuré
- Vitest thresholds frontend 50%
- Load test WebSocket: CHAT_ORIGIN→backend, WS_URL=/api/v1/ws
- Tests: chat_service (WSUrl), password_service (hash/expired)
- V1_SIGNOFF: 14 PASS, 7 N/A documentés
- PERFORMANCE_BASELINE, RGPD, PWA tables v1.0.2
- Runbooks, Grafana, Secrets validés
 2026-03-03 21:18:53 +01:00
senke
7ede202e95 fix(release): v1.0.1 — Conformité complète ROADMAP checklist
Some checks failed
Backend API CI / test-unit (push) Failing after 0s
Details
Backend API CI / test-integration (push) Failing after 0s
Details
Stream Server CI / test (push) Failing after 0s
Details 
- Sécurité: npm 0 CRITICAL, cargo audit 0 vulnérabilités
- OpenAPI: @Param id corrigé pour /tracks/quota/{id}
- Tests: Payment E2E passe, OAuth DATABASE_URL fallback
- Migrations: 000_mark_consolidated.sql
- veza-stream-server: prometheus 0.14, validator 0.19
- docs: SECURITY_SCAN_RC1, V1_SIGNOFF, PROJECT_STATE
 2026-03-03 20:17:54 +01:00
senke
5cf305480c chore(release): bump VERSION to 1.0.0 — Commercial release 2026-03-03 19:54:04 +01:00
senke
330607aeb3 chore(release): v0.992 RC2 — Release notes, sign-off final 2026-03-03 19:53:41 +01:00
senke
5457d36515 chore: regenerate CHANGELOG, bump VERSION to 0.991 for RC1 2026-03-03 19:52:49 +01:00
senke
80a3e1109b chore(release): bump VERSION to 0.982 2026-03-03 19:50:29 +01:00
senke
6e99376e8e perf(web): add Lighthouse audit section for v0.982 2026-03-03 19:50:08 +01:00
senke
a0e9a36957 fix(bugbash): document P1/P2 bug bash completion for v0.981 2026-03-03 19:49:53 +01:00
senke
81be8331d1 docs: retrospective v0.803, archive scope, update SCOPE_CONTROL 
- Add RETROSPECTIVE_V0803.md
- Archive V0_803_RELEASE_SCOPE.md to docs/archive/
- Update SCOPE_CONTROL: phase v0.901, link to archived scope
- Update .cursorrules: scope v0.901, v0.803 archived
 2026-03-03 09:25:34 +01:00
senke
71525fdafb docs: update API_REFERENCE, CHANGELOG, FEATURE_STATUS, PROJECT_STATE for v0.803 2026-03-03 09:25:20 +01:00
senke
9f91c99547 feat(security): add global and per-IP DDoS rate limiting (1000/s, 100/s) 
SEC1-04: Redis sliding window 1s, excluded paths (health, swagger, auth)
 2026-03-03 09:25:08 +01:00
senke
d7a379644a feat(admin): add Settings tab with announcements, feature flags, maintenance 
- Add SETTINGS tab to AdminDashboardTabs with AdminSettingsView
- Align moderation actions to backend: dismiss, warn, ban (replace cleared/quarantined)
 2026-03-03 09:24:52 +01:00
senke
e118199637 chore(release): v0.981 — Beta (staging deploy, bug bash, smoke test) 2026-03-02 19:33:42 +01:00
senke
8138723eca chore(release): v0.971 — Phantom (gamification removal, WebRTC Beta, limits doc) 2026-03-02 19:25:37 +01:00
senke
c14b08a84e chore(release): v0.951 — Loadtest (500 req/s, 1000 WS, 50 uploads, perf indexes) 2026-03-02 19:22:38 +01:00
senke
33a2384364 chore(release): v0.962 — Onboard (API ref, onboarding <30min, ADRs) 2026-03-02 19:11:06 +01:00
senke
7db921672f chore(release): v0.961 — Playbook (runbooks déploiement, rollback, incident) 2026-03-02 19:09:46 +01:00
senke
0301b6d54c chore(release): v0.952 — Observe (Grafana v1-overview, Prometheus alert_rules_v1) 2026-03-02 19:08:55 +01:00
senke
c38e915025 chore(release): v0.943 — Refactor (split track batch ops to track_batch_service) 2026-03-02 19:07:49 +01:00
senke
e2645cdaa0 chore(release): v0.942 — Compress (migration consolidation procedure, mark script) 2026-03-02 19:05:54 +01:00
senke
1b239d13ab chore(release): v0.941 — Cleanup (dead code, migrations dedup, deprecated routes) 2026-03-02 19:04:30 +01:00
senke
3c5bb018cb chore(release): v0.931 — Cursor (cursor-based pagination, performance baseline) 2026-03-02 12:35:49 +01:00
senke
c2aa0483eb chore(release): v0.922 — Greenlight (handler tests: dashboard, presence) 2026-03-02 12:30:51 +01:00
senke
2dc5b452b2 chore(release): v0.921 — Rustproof (Rust test coverage >30%) 2026-03-02 12:28:20 +01:00
senke
4f47cec05d feat(v0.923): API contract tests, OpenAPI generation, CI type sync check 2026-02-27 20:23:10 +01:00
senke
e02031044c feat(v0.912): Cashflow - payment E2E integration tests 
- Add MarketplaceServiceOverride and AuthMiddlewareOverride to config for tests
- Wire overrides in routes_webhooks and routes_marketplace (authForMarketplaceInterface)
- payment_flow_test: cart -> checkout -> webhook -> order completed, license, transfer
- webhook_idempotency_test: 3 identical webhooks -> 1 order, 1 license
- webhook_security_test: empty secret 500, invalid sig 401, valid sig 200
- refund_flow_test: completed order -> refund -> order refunded, license revoked
- Shared computeWebhookSignature helper in webhook_test_helpers.go
- SetMaxOpenConns(1) for sqlite :memory: in idempotency test to avoid flakiness

Ref: docs/ROADMAP_V09XX_TO_V1.md v0.912 Cashflow
 2026-02-27 20:00:51 +01:00
senke
c96be67cbc feat(auth): v0.911 Keystone - OAuth and auth integration tests 
- Add access token blacklist on logout (VEZA-SEC-006)
- Extend OAuthService for mock provider injection in tests
- Add oauth_google_test.go: full OAuth Google flow with mocked provider
- Add oauth_github_test.go: OAuth GitHub flow with PKCE verification
- Add token_refresh_test.go: E2E refresh via httpOnly cookies
- Add logout_blacklist_test.go: E2E logout + token blacklist
- Fix testutils import path in resume_upload_test, track_quota_test
- Fix CreatorID -> UserID in track_quota_test
- Add test:integration script to package.json

Release: v0.911 Keystone
 2026-02-27 09:58:53 +01:00
senke
515494007f release(v0.903): Vault - ORDER BY whitelist, rate limiter, VERSION sync, chat-server cleanup, Go 1.24 
- ORDER BY dynamiques : whitelist explicite, fallback created_at DESC
- Login/register soumis au rate limiter global
- VERSION sync + check CI
- Nettoyage références veza-chat-server
- Go 1.24 partout (Dockerfile, workflows)
- TODO/FIXME/HACK convertis en issues ou résolus
 2026-02-27 09:43:25 +01:00
senke
4c0be12465 release(v0.902): Sentinel - PKCE OAuth, token encryption, redirect validation, CHAT_JWT_SECRET 
- PKCE (S256) in OAuth flow: code_verifier in oauth_states, code_challenge in auth URL
- CryptoService: AES-256-GCM encryption for OAuth provider tokens at rest
- OAuth redirect URL validated against OAUTH_ALLOWED_REDIRECT_DOMAINS
- CHAT_JWT_SECRET must differ from JWT_SECRET in production
- Migration script: cmd/tools/encrypt_oauth_tokens for existing tokens
- Fixes: VEZA-SEC-003, VEZA-SEC-004, VEZA-SEC-009, VEZA-SEC-010
 2026-02-26 19:49:15 +01:00
senke
6e204cc98a feat(security): v0.901 Ironclad - fix 5 critical/high vulnerabilities 
- OAuth: use JWTService+SessionService, httpOnly cookies (VEZA-SEC-001)
- Remove PasswordService.GenerateJWT (VEZA-SEC-002)
- Hyperswitch webhook: mandatory verification, 500 if secret empty (VEZA-SEC-005)
- Auth middleware: TokenBlacklist.IsBlacklisted check (VEZA-SEC-006)
- Waveform: ValidateExecPath before exec (VEZA-SEC-007)
 2026-02-26 19:34:45 +01:00
senke
2ef64037b5 docs: update documentation for v0.803 release 2026-02-25 20:04:37 +01:00
senke
c2d530727a test(v0.803): unit tests for CCPA, reports, announcements, feature flags 2026-02-25 20:02:24 +01:00
senke
2bc77aa5a7 feat(ui): connect admin views to real backend, add AnnouncementBanner, MSW handlers 2026-02-25 20:00:43 +01:00
senke
3edb10b567 feat(admin): feature flags CRUD with DB persistence 2026-02-25 19:56:24 +01:00
senke
d684c69439 feat(admin): global announcements CRUD and public banner endpoint 2026-02-25 19:55:21 +01:00
senke
2a9ca68763 feat(admin): maintenance mode middleware with 503 responses 2026-02-25 19:54:22 +01:00
senke
0d092466f1 feat(admin): moderation queue with reports CRUD 2026-02-25 19:53:04 +01:00
senke
0bee6e8727 feat(api): add Swagger annotations for privacy opt-out and account deletion 2026-02-25 19:51:54 +01:00
senke
29c1688786 feat(users): account deletion hardening with anonymization, S3 cleanup, session revocation 2026-02-25 19:51:21 +01:00