- 1.8: Implement GetUserByOAuthID in database.go via federated_identities join
- 1.8: Use OAuth ID lookup first in oauth_service getOrCreateUser
- 1.9: Add cargo audit step to chat-ci.yml and stream-ci.yml
Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 1.8, 1.9
- Add smoke-post-deploy.spec.ts for health checks
- Add playwright.config.smoke.ts (no webServer)
- Add smoke-post-deploy job to cd.yml (runs when STAGING_URL set)
- Document procedure in e2e/README.md
- Add turbo devDependency and packageManager to root
- Create turbo.json with build, test, lint pipeline
- Add package.json to veza-backend-api, veza-chat-server, veza-stream-server
- Extend workspaces to include Go and Rust services
- Migrate CI to use turbo run for build, test, lint
- Fix chat-ci.yml and stream-ci.yml to reference veza-chat-server/
and veza-stream-server/ instead of non-existent apps/ paths
- Add veza-common/ to CI triggers so shared library changes are tested
- Reactivate CD pipeline with Docker registry push and Kubernetes
deployment steps (gated on secrets availability)
- Standardize Redis dependency to v0.32 across both Rust services
Co-authored-by: Cursor <cursoragent@cursor.com>
Add clippy with -D warnings (deny all warnings) to both Rust CI
pipelines. The production-deploy workflow already had clippy.
This ensures lint issues are caught before merge for both services.
Addresses audit finding D15: clippy not present in all Rust workflows.
Co-authored-by: Cursor <cursoragent@cursor.com>
- Add govulncheck to backend-go job
- Add npm audit --audit-level=high to frontend job
- Both use || true to avoid blocking CI on existing vulns
Co-authored-by: Cursor <cursoragent@cursor.com>
- Created contrast utility (apps/web/src/utils/contrast.ts)
- getRelativeLuminance() - calculates WCAG relative luminance
- getContrastRatio() - calculates contrast ratio between colors
- meetsWCAGAA() / meetsWCAGAAA() - validates WCAG standards
- parseRGB() - parses RGB strings from CSS variables
- Created contrast test suite (apps/web/src/__tests__/contrast.test.ts)
- Tests all design system color combinations
- Validates primary text (white) on all backgrounds
- Validates secondary text (dim) on all backgrounds
- Validates text with opacity variants
- All combinations must meet WCAG AA (4.5:1)
- Added contrast test step to CI workflow
- Prevents contrast ratio regressions
- Action 11.1.1.5 complete
- Completed Action 1.1.2.4: Added cache step for generated types
- Cache keyed on openapi.yaml hash for automatic invalidation
- Speeds up CI by avoiding regeneration when spec unchanged
- Completed Action 1.1.2.3: Added type generation step to frontend CI
- Step runs before Type Check to ensure types are up-to-date
- CI will fail if generated types don't match OpenAPI spec
- Added chmod to ensure script is executable in CI environment
