senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1699 commits 37 branches 94 tags 1.5 GiB
Commit graph

1069 commits

Author SHA1 Message Date
senke
65ea4c4b2e fix(e2e): fix auth flow tests for httpOnly cookie auth 2026-02-15 16:08:23 +01:00
senke
35511ce9ca chore: clean root directory, move design system files, update .gitignore 2026-02-15 16:05:54 +01:00
senke
1b25013c6f refactor(frontend): simplify TokenStorage usage for httpOnly cookie auth 2026-02-15 16:04:42 +01:00
senke
1b2079dcdd chore(frontend): remove or simplify ghost features (Developer Dashboard, Education/Gamification/Studio) 2026-02-15 16:03:43 +01:00
senke
7962c8f1b9 fix(frontend): connect social feed to backend with proper actor mapping 2026-02-15 16:02:49 +01:00
senke
f4c2acdd02 refactor(frontend): document chat store as single source of truth 2026-02-15 16:02:14 +01:00
senke
b9875c5e92 test(e2e): audit 2.10 — flows critiques Auth, Upload, Purchase, Chat 
- purchase.spec.ts: add to cart, checkout, success
- chat.spec.ts: load UI, send message (when WebSocket available)
- README: document critical flows and prerequisites
 2026-02-15 14:51:29 +01:00
senke
22e5e21757 chore(audit 2.4, 2.5): supprimer code mort Education et cmd/modern-server 
- Supprimer routes/handlers/core Education (backend)
- Supprimer handler MSW education, refs Sidebar/locales
- Basculer Makefile, make/dev.mk, scripts vers cmd/api/main.go
- Supprimer veza-backend-api/cmd/modern-server/
 2026-02-15 14:39:40 +01:00
senke
8b1644640d refactor(audit-2.1,2.6): unify views and pages to features/*/pages pattern 
- Migrate LiveView, GearView, PurchasesView, SocialView, AnalyticsView into features
- Create features: admin, developer, seller; add QueuePage, WishlistPage
- Migrate pages/marketplace to features/marketplace
- Remove components/views/ and pages/ legacy directories
- Update lazyExports, docs (ARCHITECTURE)
- Mark audit 2.1, 2.6 as done

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md items 2.1, 2.6
 2026-02-15 14:30:40 +01:00
senke
aceba5d991 fix(security): add JWT auth to HLS endpoints (audit 1.3, P0) 
- Add hls_auth_middleware in stream server (Bearer + ?token=)
- Apply auth to /hls/:track_id/* routes
- Update frontend hlsService to use stream server URL + pass JWT via xhrSetup
- Add getHLSXhrSetup() and getHLSURLWithToken() for hls.js integration
- Add VITE_HLS_BASE_URL config (derived from VITE_STREAM_URL when unset)
- Add unit tests for token extraction and HLS helpers
- Mark audit item 1.3 as done
 2026-02-15 12:48:58 +01:00
senke
f4c78fdf69 fix(auth): correct 2FA login flow and documentation 
- Fix misleading comment in TwoFactorVerify (authApi.verify2FA is for setup, not login)
- Add MSW handler for POST /auth/login/2fa
- Improve error display in AuthViewContent when 2FA verification fails
- Add integration test for 2FA login flow
- Update AUDIT_TECHNIQUE_INTEGRAL

Refs: AUDIT_TECHNIQUE_INTEGRAL_2026_02_15.md item 1.2 (P0)
 2026-02-15 12:42:48 +01:00
senke
45ebcb8cad docs: update TODO audit docs after Phase 3 2026-02-14 22:45:48 +01:00
senke
c2296ac1c6 test(e2e): add post-deploy smoke tests 
- Add smoke-post-deploy.spec.ts for health checks
- Add playwright.config.smoke.ts (no webServer)
- Add smoke-post-deploy job to cd.yml (runs when STAGING_URL set)
- Document procedure in e2e/README.md
 2026-02-14 22:45:10 +01:00
senke
d70f67f2fc feat(web): add CDN support for assets and audio 
- Add VITE_CDN_URL, VITE_CDN_ENABLED to .env.example
- Create getAssetURL, getAudioURL in utils/cdn.ts
- Use getAudioURL in hlsService for HLS stream URLs
 2026-02-14 22:44:06 +01:00
senke
75c027c5bd feat(web): add Zustand store migration strategy 
- Document migration approach in ZUSTAND_MIGRATION_STRATEGY.md
- Add persistWithMigration utility for future stores
- Add version and migrate to authStore, library, ui, cartStore, playerStore
 2026-02-14 22:43:06 +01:00
senke
791eedccae feat(web): propagate AbortSignal in TanStack Query hooks 
- Add useAbortSignal hook for component lifecycle cancellation
- Pass signal to apiClient in useLibraryItems, useUser, useDashboard,
  useMyTracks, useNotificationMenu
- Prevents memory leaks when navigating away during fetch
 2026-02-14 22:41:46 +01:00
senke
8ed5b2848c chore(web): remove ghost features Education, Gamification, Studio 
- Remove LazyEducation, education-view, components/education
- Delete educationService, handlers-ghost
- Remove EDUCATION, GAMIFICATION, STUDIO flags from features.ts
- Update FEATURE_STATUS.md
 2026-02-14 22:40:12 +01:00
senke
7c7580be4d refactor(auth): consolidate AuthContext to authStore, update Storybook 2026-02-14 22:06:22 +01:00
senke
92f432fb9e chore: consolidate pending changes (Hyperswitch, PostCard, dashboard, stream server, etc.) 2026-02-14 21:45:15 +01:00
senke
abb6668205 fix(web): disable ghost feature routes (Education, Gamification, Studio) 2026-02-14 20:19:23 +01:00
senke
6e06cb4fd7 refactor(frontend): split MarketplaceHome skeleton into separate component 2026-02-14 18:33:52 +01:00
senke
3635fae380 fix(tests): resolve playlistService skipped tests, document requestDeduplication flag 2026-02-14 18:13:01 +01:00
senke
ae586f6134 Phase 2 stabilisation: code mort, Modal→Dialog, feature flags, tests, router split, Rust legacy 
Bloc A - Code mort:
- Suppression Studio (components, views, features)
- Suppression gamification + services mock (projectService, storageService, gamificationService)
- Mise à jour Sidebar, Navbar, locales

Bloc B - Frontend:
- Suppression modal.tsx deprecated, Modal.stories (doublon Dialog)
- Feature flags: PLAYLIST_SEARCH, PLAYLIST_RECOMMENDATIONS, ROLE_MANAGEMENT = true
- Suppression 19 tests orphelins, retrait exclusions vitest.config

Bloc C - Backend:
- Extraction routes_auth.go depuis router.go

Bloc D - Rust:
- Suppression security_legacy.rs (code mort, patterns déjà dans security/)
 2026-02-14 17:23:32 +01:00
senke
794270597a fix(web): stabilize Vitest suite (auth integration: wrap with QueryClientProvider) 2026-02-14 14:21:17 +01:00
senke
4be5988f8e chore(e2e): run 2FA test when E2E_2FA_CODE (and optional creds) are set, document in README 2026-02-14 14:06:46 +01:00
senke
fa719e31e5 feat(e2e): add play flow test (library/search -> track page or player) 2026-02-14 14:04:36 +01:00
senke
4dcae6ca00 feat(web): add validate:storybook script (build, serve 6007, audit) 2026-02-14 14:02:57 +01:00
senke
2119833779 fix(e2e): stabilize auth, smoke, search, playlists specs 
- Global setup no longer throws when API is unavailable; writes empty
  auth state so Playwright can start; specs that need auth use their
  own login or storageState override.
- Ensure e2e/.auth dir exists before writing empty state.
 2026-02-14 14:02:13 +01:00
senke
37981c2c17 chore(refactor/sumi-migration): commit pending changes — tests, stream server, dist_verification 
- apps/web: test updates (Vitest/setup), playbackAnalyticsService, TrackGrid, serviceErrorHandler
- veza-common: logging, metrics, traits, validation, random
- veza-stream-server: audio pipeline, codecs, cache, monitoring, routes
- apps/web/dist_verification: refresh build assets (content-hashed filenames)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 19:39:18 +01:00
senke
de12f5036c fix(web): resolve all 568 TypeScript errors — tsc --noEmit now passes with zero errors 
Major categories fixed:
- TS6133 (188): Remove unused imports (React, icons, types) and variables
- TS2322 (222): Fix type mismatches in stories (satisfies Meta -> const meta: Meta),
  add nullish coalescing for optional values, fix component prop types
- TS2345 (43): Fix argument type mismatches with proper null checks and type narrowing
- TS2741 (21): Add missing required properties to mock/story data
- TS2339 (19): Fix property access on incorrect types, add type guards
- TS2353 (13): Remove extra properties from object literals or extend interfaces
- TS2352 (11): Fix type conversion chains
- TS2307 (9): Fix import paths and module references
- Other (42): Fix implicit any, possibly undefined, export declarations

Vite build and tsc --noEmit both pass cleanly.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-13 00:32:08 +01:00
senke
09bb663659 chore: enable noUncheckedIndexedAccess, isolate ghost MSW handlers, document go-clamd tech debt 
- Enable TypeScript noUncheckedIndexedAccess and fix 133 resulting errors
  across 46 files with proper null guards, optional chaining, and fallbacks
- Extract education/gamification ghost feature MSW handlers into handlers-ghost.ts
- Add Storybook test plugin documentation in vitest.config.ts
- Document abandoned go-clamd dependency (2017) as tech debt in upload_validator.go

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:12:35 +01:00
senke
1695606e24 refactor(ui): remove unused design-system package and create STORYBOOK_CONTRACT 
- Remove packages/design-system/ directory (superseded by SUMI tokens
  in apps/web/src/index.css, confirmed no imports exist)
- Update package.json keywords from kodo-design-system to sumi-design-system
- Create docs/STORYBOOK_CONTRACT.md defining mandatory story structure:
  Default, Loading, Error, Empty states for feature components
- Typography audit: SUMI utility classes defined in index.css, codebase
  correctly uses Tailwind classes with SUMI tokens via @theme — no
  migration needed

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 23:00:26 +01:00
senke
34e9d69af3 fix(tests): add missing component tests and fix failing tests 
- Fix setTimeout memory leak in ChatRoom.tsx by storing timeout in
  useRef and cleaning up on unmount
- Add tests for Accordion, Collapsible, FloatingInput, AnimatedNumber,
  and FAB components (5 new test files, all passing)
- Fix socialService methods (deleteComment, markRead, markAllRead) to
  return values matching test expectations
- Fix MSW handlers for chat/token and notification endpoints to use
  proper { success: true, data: ... } envelope format
- Fix invalid CSS selector in TrackList.test.tsx that caused JSDOM crash
- Document excluded test files with TODO tickets in vitest.config.ts

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:59:09 +01:00
senke
45bdf060ca feat(backend): add social groups, wishlist, cart, and playlist export endpoints 
- Add Group and GroupMember models with CRUD service methods
- Implement social group endpoints: create, list, get, join, leave
- Add WishlistItem model with get/add/remove service methods
- Add CartItem model with get/add/remove/checkout service methods
- Create handlers for marketplace wishlist and cart operations
- Register playlist export (JSON/CSV) and duplicate routes
- Enable PLAYLIST_SHARE and NOTIFICATIONS feature flags

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:48:50 +01:00
senke
8365cbfa6f refactor: LoadingState delegates all spinner rendering to LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:23:16 +01:00
senke
0faa20d644 fix: resolve ts-ignore directives and unsafe type casts 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:21:55 +01:00
senke
24b2c2fb84 test: add tests for ErrorDisplay, LoadingState, ComingSoon 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:19:54 +01:00
senke
a68e776797 a11y: enhance global prefers-reduced-motion support 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:18:36 +01:00
senke
1acfca86b1 fix: remove as any casts from application components 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:17:55 +01:00
senke
2f46712789 fix: type authService.login, replace remaining console.error with logger 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:15:10 +01:00
senke
958d40896c perf: improve bundle splitting -- separate framer-motion, axios, dompurify, i18n chunks 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:56 +01:00
senke
df85544a8f refactor: unify loading components -- consolidate Spinner into LoadingSpinner 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:04:45 +01:00
senke
53c9e42d9c refactor: complete Modal to Dialog migration for 6 modals 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 22:01:05 +01:00
senke
ed6d209b92 refactor: replace console.log with logger, fix TrackCard type, memoize DashboardPage 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:57:02 +01:00
senke
e5fd019edf a11y: skip link exists in App, ChatInput aria-label, sidebar focus trap, MiniPlayer aria-live 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:55:25 +01:00
senke
9f7a42cdb5 fix: memory leaks -- add setTimeout cleanup in ChatInput, SocialViewFeedItem, PostCard 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:54:06 +01:00
senke
d919f8c7c9 fix: critical bugs -- ChatInput var, authService types, dep placement 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 21:53:39 +01:00
senke
37dae9e646 fix(a11y): Sprint 7 — semantic HTML and accessibility deep-dive 
S7.1: Replace div onClick with semantic button in DialogTrigger.tsx
S7.2: Replace role="button" divs with native <button> elements in 12 files
      (PlaylistCard, TrackCard, ConversationItem, NotificationMenuItem,
       AudioPlayerTrackInfo, SearchPageResults, ProjectsManagerAddCard,
       ProjectsManagerCard, GearInventoryGrid, UploadModal, dropdown.tsx,
       LibraryPageGrid)
S7.3: Add focus-visible:ring-2 to 14 form inputs with outline-none across
      9 modal files (CreateGroupModal, DataExportModal, EditPlaylistModal,
      AddToPlaylistModal, BanUserModal, RefundRequestModal, FlashSaleModal,
      TipStreamerModal, CreatePostModal)
S7.4: Add semantic landmarks — <section> in DashboardPage, <article> in
      PostCard and CourseCard

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:34:39 +01:00
senke
5f88c56113 fix: UI remediation Phase 1 (S0-S5) + Phase 2 Sprint 6 shadow system 
Phase 1:
- S0: Fix open redirect (safeNavigate), delete AuthContext/legacy auth, encrypt API keys, gitignore .env files
- S1: Split client.ts god object into 5 modules, unify toast system, delete unused Sidebar
- S2: Add glass button variant, migrate 32 z-index to SUMI tokens, fix card dark mode
- S3: Skip nav link, aria-hidden on icons, focus-visible ring fixes, alt attrs, aria-live regions
- S4: React.memo on list items, fix key={index}, loading=lazy on images
- S5: Branded loading screen, page transitions respect reduced-motion, LikeButton micro-interaction, i18n sidebar/header

Phase 2 Sprint 6:
- Wire Tailwind shadow utilities to SUMI tokens in @theme block (fixes 50+ files)
- Define shadow-card/shadow-card-hover tokens
- Remove dark:shadow-none workarounds from card.tsx (SUMI handles per-theme shadows)

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 10:13:44 +01:00
senke
34e1f41091 refactor: Phase 8 — Update docs, ESLint, Storybook config for SUMI 
- DESIGN_TOKENS.md: Complete rewrite to document --sumi-* token system
- APP_SHELL.md: Update layout shell docs (glass bg, backdrop-blur, z-index)
- DESIGN_DIRECTION.md: Update aesthetic direction to SUMI philosophy
- .storybook/preview.tsx: Remove deleted CSS imports, update bg colors
- eslint.config.js: Update color rule message from Kodo to SUMI tokens
- tailwind.config.ts: Fix comment referencing deleted design-tokens.css

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-12 02:15:11 +01:00